← Back to team overview

mahara-contributors team mailing list archive

  1. mahara-contributors team
  2. Mailing list archive
  3. Message #57596

[Bug 1777785] Re: Users from a suspended institution can still log in

  Thread PreviousDate PreviousThread Next 
I've tested with internal and SAML options, I can confirm it works for
both of them.

For internal auth:
- Have an institution with at least one member.
- Suspend the institution
- Try to login with the user from the institution
Result:
 I'm not logged in and see the message:
 " Your institution <Institution name> has been suspended. Until it is unsuspended, you will not be able to log in to Mahara."

For SAML auth:
- Have 2 institutions, institution1 and Institution2, both using the same idp but different institution value to check against.
- Suspend Institution1
- Try to login to Institution1
result:
 I'm not logged in and see the message:
 " Your institution <Institution name> has been suspended. Until it is unsuspended, you will not be able to log in to Mahara."
- Try to login with another user to Institution2 not suspended
Result:
 I can login without any problem

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1777785

Title:
  Users from a suspended institution can still log in

Status in Mahara:
  New
Status in Mahara 20.04 series:
  New

Bug description:
  It should not be possible for people to log into their account if
  their institution has been suspended. the latest fix for that also for
  external auth methods is https://reviews.mahara.org/#/c/6671/

  This did not work on a Mahara 17.04 for SAML auth and on a Mahara
  18.10dev for internal auth.

  To replicate:

  1. Have an institution with one member and a site admin.
  2. Site admin suspends the institution.
  3. Expected result: Institution member cannot log in anymore.
     Actual result: Institution member can still log in.

  This would need to be tested with all auth methods: internal, LDAP,
  SAML, MNet, LTI

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1777785/+subscriptions

References

  Thread PreviousDate PreviousThread Next