View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000936 | OXID eShop (all versions) | 2.5. Administer users | public | 2009-05-25 16:40 | 2012-12-10 13:15 |
Reporter | michael_keiluweit | Assigned To | |||
Priority | high | Severity | major | Reproducibility | always |
Status | resolved | Resolution | fixed | ||
Summary | 0000936: The session from admin users with adjusted rights is killed after the first action in the backend | ||||
Description | I create a new user, he becomes the rights “admin user”. Now I make a new role in “Benutzer verwalten -> Admin Rechte”. The role get the rights “Benutzer verwalten” (V) and in the submenu “Benutzer” the right (V). All other rights in all menu’s are “K”. After that, I assign the new user to the new role. When I login with that new user which has the adjusted rights, I can see only the “Benutzer” menu, that’s right. But If I click on this link, my session will be destroyed and I have to login again. A role with all rights can work in the backend, the session is exist. Is case: A admin user with adjusted rights, should be able to work in the backend without session timeout after the first click on a button. | ||||
Additional Information | tested it with our demoshop (EE) | ||||
Tags | Rights & Roles | ||||
Attached Files | |||||
Theme | |||||
Browser | |||||
PHP Version | |||||
Database Version | |||||
|
Reminder sent to: michael_keiluweit Unable to reproduce (on demoshop also). Could you provide some more details? Maybe some special settings are turned on? greetings, Birute M. |
|
I used the default settings after a new installation. When I login with a account which has adjusted rights, it's possible to click the links in the left menue. But if the bottom frame new load, it appears the login menue in this frame. After a second I'm redirected to the login screen. I attached a printscreen to show what I mean (brokensession.jpg) |
|
the problem was with configuration (and error handling..) - main menu item was checked as available, but deeper, no tabs where allowed to see. fixed this in the following way: if user enables main menu item, and there are no tabs to show, this item is hidden from menu. similarly, if no menu items are available, menu items group is hidden. files affected: oxnavigationtree.php |