You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@guacamole.apache.org by "Mike Jumper (Jira)" <ji...@apache.org> on 2021/05/24 02:50:00 UTC
[jira] [Commented] (GUACAMOLE-1352) ADMINISTER has no permission to
update own information
[ https://issues.apache.org/jira/browse/GUACAMOLE-1352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17350217#comment-17350217 ]
Mike Jumper commented on GUACAMOLE-1352:
----------------------------------------
It is intentional that the administrator cannot:
* Edit their own permissions
* Change their own password _via the admin interface_
Changing your own password has to be done through the password change interface in "preferences", which requires you to enter your current password. The admin interface for resetting a user's password (which does not require entering the current password) will reject any attempt by the current user to perform that operation on themselves.
The interface should make this more clear, but the behavior you describe is desired.
> ADMINISTER has no permission to update own information
> -------------------------------------------------------
>
> Key: GUACAMOLE-1352
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1352
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-ext
> Affects Versions: 1.2.0
> Environment: Centos7.8, Tomcat8.0.23, Guacamole1.2
> Reporter: Ji Shoukai
> Priority: Minor
> Attachments: jira-1352-entity.png, jira-1352-user-permission.png, jira-1352-user.png, jira-1352.png
>
>
> When I use a guacamole Administer user to update own information, will get a 403 Forbidden. Even I have guacamole user's UPDATE permission, also can't update password, but I can update other's information, even he is Administerm.
> In test, I find other error: I use a user's permission is guacamole-user READ UPDATE ADMINISTER, also can't update information.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)