Restrict password editing to only current users, excluding other users.

Created on 12 July 2023, over 1 year ago

Updated 12 December 2023, about 1 year ago

Problem/Motivation

Currently, any logged-in user is unable to update the password of other users due to the implemented restriction that limits password editing to only the current user, excluding other users.

Steps to reproduce

Log in as a user with openad connect.
Attempt to update the password of another user (not connected) or create a new user.
Observe that the password doesn't appear.

Proposed resolution

To check if the current user updates own account before hiding the password.

Remaining tasks

Patch the code

User interface changes

There are no user interface changes associated with this issue.

API changes

There are no API changes associated with this issue.

Data model changes

There are no data model changes associated with this issue.

🐛 Bug report

Status

Needs review

Version

1.0

Component

Code

Created by

🇯🇴Jordan abu-zakham

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @abu-zakham
Status changed to Needs review over 1 year ago12:15pm 12 July 2023
Comment over 1 year ago →
🇯🇴Jordan abu-zakham
Open in Jenkins → Open on Drupal.org →
Core: 10.1.4 + Environment: PHP 7.4 & MySQL 5.7
last update about 1 year ago
Patch Failed to Apply
Comment about 1 year ago →
🇯🇴Jordan n.ghunaim Amman - Jordan
Re-rolled the patch for version 2.0.0-beta1

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024