Issue 535868
Created on 2002-03-27 19:37 by anonymous, last changed 2002-04-10 23:28 by richard.
msg209 |
Author: [hidden] (anonymous) |
Date: 2002-03-27 19:37 |
|
I've just downloaded and am configuring and trying out. Here's something I ran into.
I've configured instance_config.py to include:
ANONYMOUS_ACCESS = 'deny'
ANONYMOUS_REGISTER = 'deny'
ANONYMOUS_REGISTER_MAIL = 'allow'
When emails are sent in, the appropriate user is created. If I follow the documentation, that user should not be able to log into the Web interface, based on my config. However, the user can log in with a password of 'None.'
|
msg210 |
Author: [hidden] (richard) |
Date: 2002-04-10 23:28 |
|
Logged In: YES
user_id=6405
This is a poorly-thought-out feature. There was no thought given to locking out users added in the manner you
describe. There's currently no concept of a "class" of user, which perhaps there needs to be. I'm going to
move this discussion to the roundup-dev mailing list.
|
|
Date |
User |
Action |
Args |
2002-03-27 19:37:01 | anonymous | create | |
|