Not a bug CanEditUser doesn't check if Selected User is SuperAdmin

Vincent

Vincent

Well-known member
The CanEditUser check on the Edit link in the Member Card for Administators doesn't check if the User they're trying to enter is a Super Administrator.

I'm not sure if it's possible to check that, since it's defined in the config.php.

Anyhow, we'll see :)
 
I'm not sure I'd classify this as a bug, as the 'Edit' link can still be used to view privileged info, even if you can't actually edit the super admin.
 
Kier said:
I'm not sure I'd classify this as a bug, as the 'Edit' link can still be used to view privileged info, even if you can't actually edit the super admin.
Click to expand...
Not true:
After clicking the Edit link from a Super Admin Membercard as a normal Admin:
Sans titre.webp
 
Regardless, we show this edit link throughout the admin CP where it may not be accessible (for this reason) so I think the behavior is consistent.
 

Similar threads

K
Transcoding silently fails if PHP binary path is incorrect
Replies
1
Views
566
Jake B.
Jake B.
U
  • Question Question
XF 2.2 User field is displayed to me incorrectly
Replies
0
Views
296
urivil
U
El Porcharo
  • Question Question
XF 2.2 Debug a not working template modification
Replies
0
Views
304
El Porcharo
El Porcharo
Dannymh
XF 2.2 Custom user fields code wont update
Replies
2
Views
328
Dannymh
Dannymh
X
Purchase request not updated on user merge
Replies
0
Views
178
Xon
X
Top Bottom