SEGUC17 / git-rekt-se

SE Course 2017 Self Development Directory
MIT License

Client can submit admin login form #229

Closed IElgohary closed 6 years ago

IElgohary commented 7 years ago

1. Severity: medium
2. Reported by: Islam Elgohary
3. Description: A logged-in Client can access the admin login form and submit it.
4. Steps to reproduce the issue:
   1) Log in as a Client
   2) Go to /admin/login
   3) Fill the form and click "submit"
   4) Form is submitted to the server
5. Expected result: Logged-in client should not be able to access the admin login form.

melzareix commented 7 years ago

This behaviour is intended; the admin is a separate entity, and it is OK to log in as client or business while being an admin.