[jira] [Updated] (COUCHDB-1374) Server Admin never get deleted

Thu, 05 Jan 2012 03:28:17 -0800 

     [ 
https://issues.apache.org/jira/browse/COUCHDB-1374?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Marcos Zanona updated COUCHDB-1374:
-----------------------------------

    Component/s: Futon
    Description: 
It seems that when creating a Server Admin and then deleting that same user 
with another admin makes the first user stay active, resulting in a no deletion 
and doesn't block the access to the old admin access.
It becomes marked as  {"error":"not_found","reason":"deleted"} but still having 
access to the whole system as an admin.
That is not the case for simple users, only for admin level ones.
* I have experiences this creating these users through Futon

  was:
It seems that when creating a Server Admin and then deleting that same user 
with another admin makes the first user stay active, resulting in a no deletion 
and doesn't block the access to the old admin access.
It becomes marked as  {"error":"not_found","reason":"deleted"} but still having 
access to the whole system as an admin.
That is not the case for simple users, only for admin level ones.

    
> Server Admin never get deleted
> ------------------------------
>
>                 Key: COUCHDB-1374
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1374
>             Project: CouchDB
>          Issue Type: Bug
>          Components: Futon, Infrastructure
>    Affects Versions: 1.1.1
>            Reporter: Marcos Zanona
>              Labels: admin, login, security, validation
>             Fix For: 1.2, 1.3, 1.1.2
>
>
> It seems that when creating a Server Admin and then deleting that same user 
> with another admin makes the first user stay active, resulting in a no 
> deletion and doesn't block the access to the old admin access.
> It becomes marked as  {"error":"not_found","reason":"deleted"} but still 
> having access to the whole system as an admin.
> That is not the case for simple users, only for admin level ones.
> * I have experiences this creating these users through Futon

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to