Project

General

Profile

Actions

Bug #24074

closed

Switching to a non-admin BE user in adminOnly mode causes dead end

Added by Michael Schams over 13 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2010-11-16
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.4
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

Set TYPO3 system in maintenance mode by adding the following line in typo3conf/localconf.php
$TYPO3_CONF_VARS['BE']['adminOnly'] = '1';

Log into BE as an admin and go to: ADMINS TOOLS -> User Admin
Switch to a non-admin BE user ("switch-back mode")

Message appears: "Login-error, TYPO3 is in maintenance mode at the moment. Only administrators are allowed access." (see attached screenshot-01). There are no links implemented on this page, so only thing you can do is going "back" in your browser history.
TYPO3 BE re-appears for a few seconds, then the message "Your TYPO3 login is about to expire. Please confirm that you want to stay logged in." pop ups (see attached screenshot-02).

If you click "Stay logged in", you get the "maintenance" message again (see attached screenshot-03) and the "expire" popup re-appears immediately.

If you click "No, log out", you get the "maintenance" message again (loop: only possible next step is: go "back" in browser history).

If you wait until progress bar in "expire" popup is at 100%, TYPO3 asked you to enter your password (for the admin user). Entering the password brings you back to the BE (that's correct) but still shows the "maintenance" message.

At the point described above, where you would go "back" in your browser history, user may be confused and reload the page or enter the URL of TYPO3's BE login again (http://<domain>/typo3). Instead of the login form, the "maintenance" message appears again. So, user do not have a chance to login any more. Only way out is to delete the cookie in the browser.

Firefox version 3.6.13pre used for this test:
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13pre) Gecko/20101111 Ubuntu/10.04 (lucid) Namoroka/3.6.13pre
(issue imported from #M16411)


Files

TYPO3-issue16411-screenshot-01.png (9.07 KB) TYPO3-issue16411-screenshot-01.png Administrator Admin, 2010-11-16 00:19
TYPO3-issue16411-screenshot-02.png (37.4 KB) TYPO3-issue16411-screenshot-02.png Administrator Admin, 2010-11-16 00:19
TYPO3-issue16411-screenshot-03.png (33.3 KB) TYPO3-issue16411-screenshot-03.png Administrator Admin, 2010-11-16 00:28

Related issues 1 (0 open1 closed)

Is duplicate of TYPO3 Core - Bug #32686: Restricting backend login to adminOnly disables switching backend usersClosed2011-12-19

Actions
Actions #1

Updated by Chris topher over 13 years ago

Idea:
Only render the "Switch to user" buttons,
- if ['BE']['adminOnly'] is not set (or at least not to 1)
--- but do render the button if ['BE']['adminOnly'] = 1, when the user to switch to also is an admin.

Is that also a problem for the "Change to" mode?

Actions #2

Updated by Lorenz Ulrich almost 12 years ago

  • Target version deleted (0)

I think this can be closed as a duplicate of the resolved (at least for master) issue #32686.

Actions #3

Updated by Anonymous over 11 years ago

  • Status changed from New to Resolved
Actions #4

Updated by Benni Mack over 5 years ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF