Bug #2915: Any user can go to admin and log in as other user - Admin - Chamilo Tracking System

Actions

Bug #2915

closed

Any user can go to admin and log in as other user

Added by Jens Vanderheyden almost 13 years ago. Updated over 12 years ago.

Status:

Bug resolved

Priority:

Urgent

Assignee:

-

Target version:

Start date:

21/02/2011

Due date:

% Done:

100%

Estimated time:

Complexity:

Normal

Description

when a user has rights to edit the homepage and clicks on 'administration' in the breadcrumb or when the url of the admin is typed in any user can go to the admin section. all tools are accessible there, rights are only checked in the individual components. it is however possible to login as any other user!!! don't know what other admin-functionality is left unprotected.

Actions

#1

Updated by Sven Vanpoucke almost 13 years ago

This is already fixed on local code and will be pushed very soon.

Actions

#2

Updated by Stefaan Vanbillemont almost 13 years ago

Target version set to 21

Actions

#3

Updated by Sven Vanpoucke almost 13 years ago

Assignee set to Sven Vanpoucke

Actions

#4

Updated by Sven Vanpoucke almost 13 years ago

Status changed from New to Needs testing
% Done changed from 0 to 100

This is fixed on the latest bitbucket code

Actions

#5

Updated by Stefaan Vanbillemont over 12 years ago

Status changed from Needs testing to Bug resolved

Actions

#6

Updated by Hans De Bisschop over 12 years ago

Project changed from Chamilo LCMS Connect to Admin
Category deleted (5)
Target version deleted (21)

Actions

#7

Updated by Hans De Bisschop over 12 years ago

Assignee deleted (~~Sven Vanpoucke~~)
Target version set to 2.1.0

Actions

Also available in: Atom PDF