Defect #1276
It is possible to lock out the last admin account
| Status: | Closed | Start date: | 2008-05-21 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | Administration | |||
| Target version: | 0.7.2 | |||
| Resolution: | Fixed | Affected version: | 0.7.1 |
Description
An admin user can go in to the user settings and lock all admin accounts. When they lock their own account, it immediately logs you off, forcing you to log back in. If you've locked all the admin accounts, then you can't get an admin user back.
It would be good to stop a user from either
- Locking their own account (this should be done by another admin)
- Making themselves a non-administrator
This would prevent users from locking the last admin account or inadvertently doing this by removing themselves from the admin list (as they may be the last admin account)
- redmine-0.7.1
- svn-1.4.6 (over http)
- ruby-1.8.6
- rails-2.0.2
- sqlite3-3.5.8
- mongrel-1.1.4
Associated revisions
Prevent admin users from locking their own account (#1276).
Prevent admin users from making themselves non-administrator (#1276).
History
#1 Updated by Anonymous about 10 years ago
This is posted in relation to http://www.redmine.org/boards/2/topics/show/934
#2
Updated by Jean-Philippe Lang about 10 years ago
- Category set to Administration
- Status changed from New to Closed
- Target version changed from 0.8 to 0.7.2
- Resolution set to Fixed