Issue 714673
Created on 2003-04-03 15:28 by the6, last changed 2003-04-24 07:48 by richard.
|
| msg746 |
Author: [hidden] (the6) |
Date: 2003-04-03 15:28 |
|
in the documentation i read that anyone who will be
added after submitting something via mail will be added
to the user list with an empty password thus not
permitting them to login. now this is exactly what we
want here but it just doesn't work.
after submitting i can login with the email address i
sent the request from and just hit enter as password.
voila, i can edit everything.
sorry for not finding a solution myself but my python
skills are far from sufficient ...
|
| msg747 |
Author: [hidden] (richard) |
Date: 2003-04-10 04:57 |
|
Logged In: YES
user_id=6405
That rule was written before Roundup got a real security
model. I need to discuss the ramifications of this on the
users list.
|
| msg748 |
Author: [hidden] (richard) |
Date: 2003-04-24 07:48 |
|
Logged In: YES
user_id=6405
The behaviour is better now, but isn't perfect. I'm opening a
feature request for an auto-reply message informing new users of
their automatic registration.
|
|
| Date |
User |
Action |
Args |
| 2003-04-03 15:28:19 | the6 | create | |
|