search

inex / IXP-Manager

Full stack web application powering peering at over 200 Internet Exchange Points (IXPs) globally.
https://www.ixpmanager.org/
GNU General Public License v2.0
377 stars 161 forks source link

admin "log on as this user " updates last login date #652

Closed listerr closed 4 years ago

listerr commented 4 years ago
ISSUE TYPE

Bug Report

VERSION
define( 'APPLICATION_VERSION', '5.6.0' );
define( 'APPLICATION_VERDATE', '2020052300' );
ENVIRONMENT
PHP 7.3.14-1+ubuntu16.04.1+deb.sury.org+1 (cli) (built: Jan 23 2020 13:58:58) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.14, Copyright (c) 1998-2018 Zend Technologies
    with Zend OPcache v7.3.14-1+ubuntu16.04.1+deb.sury.org+1, Copyright (c) 1999-2018, by Zend Technologies
CONFIGURATION
APP_ENV=production
APP_DEBUG=false
APP_URL="https://portal...."
APP_TIMEZONE="Europe/London"
APP_LOG="single"
APP_LOG_LEVEL=debug
IXP_FE_FRONTEND_DISABLED_LOGO=false
IXP_FE_CUSTOMER_BILLING_UPDATES_NOTIFY="rob@..."
IXP_FE_FRONTEND_DISABLED_RS_PREFIXES=true
IXP_FE_FRONTEND_DISABLED_NETINFO=true
IXP_FE_FRONTEND_DISABLED_CUSTKIT=false
IXP_FE_FRONTEND_DISABLED_CONSOLE=true
IXP_FE_FRONTEND_DISABLED_LOGO=false
IXP_FE_FRONTEND_DISABLED_LOOKING_GLASS=false
IXP_FE_VLANINTERFACES_HOSTNAME_REQUIRED=false
IXP_API_JSONEXPORTSCHEMA_PUBLIC=true
IXP_MULTIIXP_ENABLED=false
IXP_RESELLER_ENABLED=true
IXP_RESELLER_RESOLD_BILLING=false
IXP_AS112_UI_ACTIVE=false
GRAPHER_BACKENDS="mrtg|sflow"
GRAPHER_BACKEND_MRTG_WORKDIR="/srv/mrtg"
GRAPHER_BACKEND_MRTG_LOGDIR="/srv/mrtg"
GRAPHER_BACKEND_SFLOW_ENABLED=true
GRAPHER_BACKEND_SFLOW_ROOT="http://sflow..../grapher-sflow"
GRAPHER_BACKEND_SMOKEPING_ENABLED=false
GRAPHER_CACHE_ENABLED=false
VIEW_SKIN="lonap"
VIEW_SMARTY_SKIN="lonap"
AUTH_ZF1_PWHASH="bcrypt"
CACHE_DRIVER=memcached
SESSION_DRIVER=file
DOCTRINE_PROXY_AUTOGENERATE=false
DOCTRINE_CACHE=array
DOCTRINE_CACHE_NAMESPACE=IXPMANAGERNAMESPACE
IXP_API_RIR_EMAIL_TO=auto-dbm@...
IXP_API_RIR_EMAIL_FROM=ixp-auto@...
IXP_IRRDB_BGPQ3_PATH=/usr/local/bin/bgpq3
IXP_IRRDB_MIN_V4_SUBNET_SIZE=24
IXP_IRRDB_MIN_V6_SUBNET_SIZE=48
IXP_FE_FRONTEND_DISABLED_FILTERED_PREFIXES=false
IXP_RPKI_RTR1_HOST=5.57.xxx
IXP_RPKI_RTR1_PORT=3323
IXP_RPKI_RTR2_HOST=5.57.xxx
IXP_RPKI_RTR2_PORT=3323
SUMMARY

I'm fairly certain that in previous versions, a super user using "logging on as this user" feature, did not cause the user's actual last login date to be updated, but now it seems to update. Can you confirm?

This causes some confusion when looking for the most recently active user, audits and expiring users etc.

STEPS TO REPRODUCE

Use the "log on as this user" feature as a superuser from the user admin page.

barryo commented 4 years ago

Thanks @listerr - this is indeed a regression.

@yannrobin - need a check for admin logging in as user here.