Zhumengxin / webgoat

Automatically exported from code.google.com/p/webgoat

Stage 1 of Role Based Access Control breaks other lessons #22

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. As user Tom Cat, complete the lesson by using the DeleteProfile function on himself.
2. Go to Step 3 - Instructions ask you to use the "Tom Cat" user to bypass the ACL by using the ViewProfile function against another user.
3. This doesn't work - the Tom Cat profile has been deleted.

Unfortunately, the Restart This Lesson link does not restore the Tom Cat profile. This would also cause issues in the Cross Site Scripting lesson, which also asks you to use the Tom Cat profile.

Possible solutions:
1. Change the instructions to have Tom delete a profile that isn't used later on - however, this doesn't fix the problem of the lesson not being repeatable. :(
2. Have the DeleteProfile function return a message to indicate that the user would have been deleted successfully (completing the objective), but don't have the user actually be deleted.
3. Have the Restart This Lesson button on Stage 1 restore the user database, or, better yet, add an Admin Function to restore the user database (and then add instructions to restore the database inside Stage 3).

Original issue reported on code.google.com by soylentm...@gmail.com on 6 Jan 2009 at 9:01

GoogleCodeExporter commented 9 years ago

Original comment by mayhe...@gmail.com on 21 Jan 2009 at 2:21

GoogleCodeExporter commented 9 years ago
Fixed the problem using your second suggestion. In the next release the lesson will prevent you from deleting yourself, but will still acknowledge lesson complete.

Original comment by X71...@gmail.com on 10 Aug 2011 at 3:40
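An added illustration of the fix described in the comment above; this is not WebGoat's own code, but a hypothetical minimal model of the lesson's user store and stage tracking (class, method and user names are assumptions). A self-targeted DeleteProfile still credits Stage 1 but leaves the acting user's record in place for Stage 3, and Restart This Lesson reseeds the users.

```java
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;

// Hypothetical stand-in for the lesson's user database and stage bookkeeping.
public class RbacLesson {
    private final Map<String, String> profiles = new LinkedHashMap<>();
    private final Map<Integer, Boolean> stageComplete = new HashMap<>();

    public RbacLesson() { restart(); }

    // "Restart This Lesson": rebuild the seed users so later stages stay runnable.
    public void restart() {
        profiles.clear();
        stageComplete.clear();
        profiles.put("tom", "Tom Cat");        // constructed sample data
        profiles.put("jerry", "Jerry Mouse");  // constructed sample data
    }

    // Stage 1 objective: an ordinary user reaches DeleteProfile at all.
    // The fix: credit the objective, but refuse to remove the acting user's
    // own record, which Stage 3 and the Cross Site Scripting lesson depend on.
    public String deleteProfile(String actor, String target) {
        if (!profiles.containsKey(target)) {
            return "No such profile: " + target;
        }
        stageComplete.put(1, true); // the bypass happened; record the stage as done
        if (actor.equals(target)) {
            return "Profile " + target + " would have been deleted (self-delete suppressed).";
        }
        profiles.remove(target);
        return "Profile " + target + " deleted.";
    }

    public boolean hasProfile(String id) { return profiles.containsKey(id); }

    public boolean isStageComplete(int stage) {
        return stageComplete.getOrDefault(stage, false);
    }

    public static void main(String[] args) {
        RbacLesson lesson = new RbacLesson();
        System.out.println(lesson.deleteProfile("tom", "tom"));
        System.out.println("tom still present: " + lesson.hasProfile("tom"));
        System.out.println("stage 1 complete: " + lesson.isStageComplete(1));
    }
}
```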

GoogleCodeExporter commented 9 years ago

Original comment by mayhe...@gmail.com on 23 Apr 2012 at 7:52