couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcos Zanona (Closed) (JIRA)" <>
Subject [jira] [Closed] (COUCHDB-1374) Server Admin never gets deleted
Date Thu, 05 Jan 2012 12:01:40 GMT


Marcos Zanona closed COUCHDB-1374.

    Resolution: Later
> Server Admin never gets deleted
> -------------------------------
>                 Key: COUCHDB-1374
>                 URL:
>             Project: CouchDB
>          Issue Type: Bug
>          Components: Futon, Infrastructure
>    Affects Versions: 1.1.1
>            Reporter: Marcos Zanona
>              Labels: admin, login, security, validation
>             Fix For: 1.2, 1.3, 1.1.2
> It seems that when creating a Server Admin and then deleting that same user with another
admin makes the first user stay active, resulting in a no deletion and doesn't block the access
to the old admin access.
> It becomes marked as  {"error":"not_found","reason":"deleted"} but still having access
to the whole system as an admin.
> Also, Futon let's you create another simple user with the same name as the deleted server
admin without any problem, resulting on a password change for the old server admin, but that
user will stay as a server admin even if that wasn't the original intention.
> * I have experienced this creating these users through Futon by using the "Setup more
admins" popup

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:!default.jspa
For more information on JIRA, see:


View raw message