[MAGNOLIA-5180] Improve error message for user trying to export his/her own user Created: 12/Jul/13 Updated: 24/Jul/13 Resolved: 16/Jul/13 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | admininterface, security |
| Affects Version/s: | 4.4.9, 4.5.6 |
| Fix Version/s: | 4.5.10 |
| Type: | Improvement | Priority: | Neutral |
| Reporter: | Natascha Desmarais | Assignee: | Jaroslav Simak |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Tested on: |
||
| Template: |
|
| Acceptance criteria: |
Empty
|
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
| Release notes required: |
Yes
|
| Date of First Response: |
| Description |
|
When trying to export the superuser user being logged in as superuser, the export fails with Looking at the permission for superuser, the user actually has write permission for the users workspace with path "/*" When creating a new user under /admin and assigning the superuser role, this user can export the superuser. So it seems that superuser cannot export its own user, since exporting the anonymous user works fine. Edit: the new user cannot export its own user either. |
| Comments |
| Comment by Jan Haderka [ 12/Jul/13 ] |
|
No user can export/import themselves. This is the side effect of ensuring users can't manipulate their own permissions. |
| Comment by Natascha Desmarais [ 15/Jul/13 ] |
|
Ok thanks, good to know. Maybe we could improve the error message in that case. |