mahara-contributors team mailing list archive

Thread
Date

[Bug 495064] Re: Self deletion of users relies on institution registration which follows additional rules

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Kristina Hoeppner <495064@xxxxxxxxxxxxxxxxxx>
Date: Sat, 04 May 2019 10:15:27 -0000
Reply-to: Bug 495064 <495064@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This was implemented in Mahara 18.04.

** Changed in: mahara
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/495064

Title:
  Self deletion of users relies on institution registration which
  follows additional rules

Status in Mahara:
  Fix Released

Bug description:
  Version: master

  Having a look at the new self delete features, I've come across a bug:

  Ability to delete self is determined by the registration status of the
  institutions a user belongs to. If that institution has registration
  enabled, then that user may delete their profile.

  However, this check on user registration is based solely on the
  registerallowed field in the institution table whilst the registration page
  (register.php) checks whether the institution has an 'internal' auth
  instance associated with it; and only then do they allow registration to
  that institution.

  The patch I've supplied only allows self deletion of users who have logged
  in using the internal auth mechanism, in addition to the existing check on
  registration being enabled.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/495064/+subscriptions