Bug #93049: Backend user must have write privileges for exclude field be_users.password or password update is silently rejected - TYPO3 Core - TYPO3 Forge

Actions

Copy link

Bug #93049

closed

Backend user must have write privileges for exclude field be_users.password or password update is silently rejected

Added by Claus Due almost 4 years ago. Updated 5 months ago.

Status:

Rejected

Priority:

Should have

Assignee:

Category:

Target version:

Start date:

2020-12-10

Due date:

% Done:

Estimated time:

TYPO3 Version:

PHP Version:

Tags:

Complexity:

Is Regression:

Sprint Focus:

Description

Not sure if this is a bug or by design. If by design, a FlashMessage would be nice when a user attempts to change their password without the necessary access. Currently, an OK FlashMessage is dispatched which says "Password updated" even if the password update is ignored.

When a non-admin user uses "User Settings" to update their password, the update is silently rejected if the user(-group) does not have edit access for the specific field be_users.password, since this field is filtered out in DataHandler when processing exclude fields.

Observed on 9.5 but most likely behaves the same on all versions.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

TYPO3 Core

Custom queries

Watchers (1)

Bug #93049

Backend user must have write privileges for exclude field be_users.password or password update is silently rejected

Updated by Francois Suter almost 4 years ago

Updated by Riccardo De Contardi over 3 years ago

Updated by Georg Ringer 5 months ago