Open saniasiddiqui opened 3 years ago
Here we need to discuss the solution. Current Functionality:
There are two potential problems that can occur on platform change:
P.s. We can restrict the super user to not be able to change platform, in that case we will not be able to view user's information for other connected platforms.
@sojharo @ImranBinShoukat please discuss. Thanks.
When super user changes the platform it should not persist in database. We can put this check on server side or client side. If we can do this, then it would solve the issue.
Go ahead with the solution.
Right now we are allowing super user to change the platform and view acting user's information. There should be a work around for this scenario. We should not allow actual platform of user to be changed by super user. This comes from discussion after team testing backdoor #9784