[X] I have verified that I am running the latest version of the CDP4 Web Services
[X] I have searched open and closed issues to ensure it has not already been reported
Description
Currently it is possible for a person to de-activate himself. This can lead to a lock-out situation where there is no person with sufficient permissions to activate persons again (see example below).
The protocol should be updated so that persons are not allowed to de-activate themselves (and change their own permissions?)
Example:
tested on public server, where the normal admin-user existed next to a testing user as domain expert (i.e. with no permissions to edit other persons).
log in as admin
edit person: uncheck "Active" box
The admin-user can now still perform tasks as long as he is connected. After deconnecting from the session however, the admin-user is not allowed in. This situation cannot be restored.
Please note that this test was performed on the public server (is not yet on 6.0.0 RC5)
Implementation:
Implement (Person?) Side Effect
Add documentation on Annex C side effects in CDP4 SDK Wiki.
Steps to Reproduce
see above. Needs testing on server that can be deleted/restored after performing these steps
System Configuration
CDP4 Web Services version:
[] CDP4Common:
[ ] PostrgreSQL:
[ ] Other:
Environment (Operating system, version and so on):
Prerequisites
Description
Currently it is possible for a person to de-activate himself. This can lead to a lock-out situation where there is no person with sufficient permissions to activate persons again (see example below).
The protocol should be updated so that persons are not allowed to de-activate themselves (and change their own permissions?)
Example: tested on public server, where the normal admin-user existed next to a testing user as domain expert (i.e. with no permissions to edit other persons).
The admin-user can now still perform tasks as long as he is connected. After deconnecting from the session however, the admin-user is not allowed in. This situation cannot be restored.
Please note that this test was performed on the public server (is not yet on 6.0.0 RC5)
Implementation:
Steps to Reproduce
see above. Needs testing on server that can be deleted/restored after performing these steps
System Configuration