Bug #2281

Don't allow 'administrator' permission for internal 'admin' user to be removed

Added by Jon Fautley about 5 years ago. Updated about 5 years ago.

Status:Closed
Priority:Normal
Assigned To:Dominic Cleal
Category:Authorization
Target version:1.2.0
Difficulty: Bugzilla link:
Found in release: Pull request:
Story points-
Velocity based estimate-

Description

Currently, it's possible to remove the 'Administrator' permission from the internal admin user account. Doing so prevents all manner of useful things (reports, facts, build status, etc) from being updated by nodes checking in.

The 'Administrator' bit should be locked on the 'admin' account to prevent this from being disabled (I note there's already logic in place to prevent the user being deleted so hopefully this can just be a small extension to that)

Associated revisions

Revision 6a26fecd
Added by Dominic Cleal about 5 years ago

fixes #2281 - don't allow admin flag to be removed from admin account

History

#1 Updated by Dominic Cleal about 5 years ago

  • Status changed from New to Ready For Testing
  • Assigned To set to Dominic Cleal
  • Priority changed from High to Normal
  • Target version set to 1.2.0

#2 Updated by Dominic Cleal about 5 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF