Bug #1478
closed
Backend approve toggle of already confirmed user changes the random password, but should not change it
Description
The following scenario generates a potential bug:
Relevant CB Configuration parameters:
Autogenerate random registration password Yes
Require Admin Approval Yes
Require Email Confirmation Yes
Frontend registration
applicant receives confirmation email and click on link
admin uses backend user management list to approve pending approval user by clicking on clock
applicant receives email with randomly generated password
applicant can login with these credentials
admin then toggles approved column by clicking on green checkmark that becomes red X mark and again green checkmark
==> At this point credentials previously used do not work!
Updated by nant about 14 years ago
In fact toggling the Approved column will make current password of user worthless!
Updated by beat about 14 years ago
- Target version set to CB 1.2.2
- Estimated time set to 0:18 h
yes, that's a bug, it should do that only when there is a clock for awaiting approval
Updated by beat about 14 years ago
- Subject changed from Backend approve toggle makes random password sent fail to Backend approve toggle of already confirmed user changes the random password, but should not change it
Updated by beat about 14 years ago
- Assignee set to beat
- % Done changed from 0 to 100
Fixed in r884 which improves also use of new API a little bit.