View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0021793||mantisbt||administration||public||2016-10-11 05:16||2016-10-30 23:22|
|Priority||normal||Severity||minor||Reproducibility||have not tried|
|Target Version||1.3.3||Fixed in Version||1.3.3|
|Summary||0021793: Password reset email is sent to disabled users|
When a user is disabled, in manage user page, the option to send a password reset is available, and it effectively sends an email with the activation token.
|Tags||No tags attached.|
I would prefer to hide the option, rather than throw an error.
In my opinion, no.
I am not sure it makes sense, can't think of a scenario where it would be needed, but I don't think would hurt if we leave that open.
Actually, i havent tried yet, there is the possibility that the functionality is not complete, since some parts of code may check for a user to be enabled.
MantisBT: master-1.3.x 332f3ddf
Committer: vboctor Details Diff
|Don't show reset option for disabled or protected users
Don't show the password reset option for disabled or protected users:
- Disabled users can't have email sent.
- Protected users must not have its password changed (and will show an
|mod - manage_user_edit_page.php||Diff File|
|2016-10-11 05:16||cproensa||New Issue|
|2016-10-11 06:36||dregad||Note Added: 0054200|
|2016-10-11 07:23||cproensa||Note Added: 0054201|
|2016-10-15 15:36||cproensa||Assigned To||=> cproensa|
|2016-10-15 15:36||cproensa||Status||new => assigned|
|2016-10-15 15:38||cproensa||Note Added: 0054232|
|2016-10-17 10:51||vboctor||Changeset attached||=> MantisBT master-1.3.x 332f3ddf|
|2016-10-17 10:51||vboctor||Assigned To||cproensa => vboctor|
|2016-10-17 10:51||vboctor||Status||assigned => resolved|
|2016-10-17 10:51||vboctor||Resolution||open => fixed|
|2016-10-17 10:51||vboctor||Fixed in Version||=> 1.3.3|
|2016-10-17 11:04||atrol||Assigned To||vboctor => cproensa|
|2016-10-17 11:04||atrol||Target Version||=> 1.3.3|
|2016-10-30 23:22||vboctor||Status||resolved => closed|