Defect #1276

It is possible to lock out the last admin account

Added by Anonymous over 9 years ago. Updated over 9 years ago.

Status:ClosedStart date:2008-05-21
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Administration
Target version:0.7.2
Resolution:Fixed Affected version:0.7.1

Description

An admin user can go in to the user settings and lock all admin accounts. When they lock their own account, it immediately logs you off, forcing you to log back in. If you've locked all the admin accounts, then you can't get an admin user back.

It would be good to stop a user from either

  • Locking their own account (this should be done by another admin)
  • Making themselves a non-administrator

This would prevent users from locking the last admin account or inadvertently doing this by removing themselves from the admin list (as they may be the last admin account)

  • redmine-0.7.1
  • svn-1.4.6 (over http)
  • ruby-1.8.6
  • rails-2.0.2
  • sqlite3-3.5.8
  • mongrel-1.1.4

Associated revisions

Revision 1448
Added by Jean-Philippe Lang over 9 years ago

Prevent admin users from locking their own account (#1276).

Revision 1449
Added by Jean-Philippe Lang over 9 years ago

Prevent admin users from making themselves non-administrator (#1276).

History

#1 Updated by Anonymous over 9 years ago

#2 Updated by Jean-Philippe Lang over 9 years ago

  • Category set to Administration
  • Status changed from New to Closed
  • Target version changed from 0.8 to 0.7.2
  • Resolution set to Fixed

I agree. Done in r1448 and r1449.

Also available in: Atom PDF