Actions
Bug #7584
closedDisable/Delete Account endpoints fail while logged out if their field is not public accessible
Description
If the user uses the disable/delete account confirmation link while not logged in and the field is on a tab marked Registered the confirmation will always fail. The field check in the case of a valid token being supplied should only be checking if it's enabled or disabled.
Updated by krileon over 5 years ago
- Status changed from Assigned to Resolved
- % Done changed from 0 to 100
This will now only confirm field access if a valid token isn't provided. The token acts as a means of validation that they can disable/delete their account.
Actions