Skip to content

[5.2] User: Logout also when required to pw reset#44520

Closed
Hackwar wants to merge 1 commit intojoomla:5.2-devfrom
Hackwar:5.2-user-logout
Closed

[5.2] User: Logout also when required to pw reset#44520
Hackwar wants to merge 1 commit intojoomla:5.2-devfrom
Hackwar:5.2-user-logout

Conversation

@Hackwar
Copy link
Member

@Hackwar Hackwar commented Nov 24, 2024

Pull Request for Issue #29576.

Summary of Changes

When a user is required to reset their password, they can't use the direct-logout-menu-item.

Testing Instructions

  1. Create a menu item of type Users -> Logout
  2. Create or edit a user and set the require password reset flag
  3. Login in the frontend with this user
  4. Click on the logout menu link

Actual result BEFORE applying this Pull Request

Logout is denied.

Expected result AFTER applying this Pull Request

Logout is allowed

Link to documentations

Please select:

  • Documentation link for docs.joomla.org:

  • No documentation changes for docs.joomla.org needed

  • Pull Request link for manual.joomla.org:

  • No documentation changes for manual.joomla.org needed

@ghost
Copy link

ghost commented Nov 25, 2024

Test by using User Group Administrator:

Menu "Blog" > Logout (Menu Item Type Logout)

Logout is allowed, but also a Login with unchanged Password.

Menu "Special" > Log out (Menu Item Type Login Form)

Logout is denied.

@brianteeman
Copy link
Contributor

I do not agree with this change. All you should be able to do when password reset is required is to change the password. No other action should be allowed.

@Hackwar
Copy link
Member Author

Hackwar commented Nov 25, 2024

Closing this PR in favour of #44521

@Hackwar Hackwar closed this Nov 25, 2024
@Hackwar Hackwar deleted the 5.2-user-logout branch November 25, 2024 09:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants

Comments