[Bug 31431] New: Cannot change one's own userid if logged in as staff
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31431 Bug ID: 31431 Summary: Cannot change one's own userid if logged in as staff Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: normal Priority: P5 - low Component: Patrons Assignee: koha-bugs@lists.koha-community.org Reporter: joonas.kylmala@iki.fi QA Contact: testopia@bugs.koha-community.org CC: gmcharlt@gmail.com, kyle.m.hall@gmail.com I cannot change the userid for my own account in the staff interface, if I do that I get the following error on any subsequent page I try to access:
Can't use string ("Koha::Patron") as a HASH ref while "strict refs" in use at /kohadevbox/koha/Koha/Object.pm line 830
Could the user session be tied into a specific userid, and if that changes things break? -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31431 --- Comment #1 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Hm I think this used to work, but after changing I usually needed to log in again being logged out. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31431 Magnus Enger <magnus@libriotech.no> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |magnus@libriotech.no --- Comment #2 from Magnus Enger <magnus@libriotech.no> --- I can confirm this on 22.05.08. After changing my userid in the staff client, I could only get "Internal Server Error" whatever I clicked on. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31431 Janusz Kaczmarek <januszop@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |januszop@gmail.com --- Comment #3 from Janusz Kaczmarek <januszop@gmail.com> --- Same effect (Internal Server Error) in 22.11.03. In log we find: Can't call method "password_expired" on an undefined value at /usr/share/koha/lib/C4/Auth.pm line 1785. This is because, in function C4::Auth::check_cookie_auth, the following is done: my $userid = $session->param('id'); [...] my $patron = Koha::Patrons->find({ userid => $userid }); $patron = Koha::Patrons->find({ cardnumber => $userid }) unless $patron; return ("password_expired", undef ) if $patron->password_expired; $userid is taken from stored session data and contains the old user login (= userid). At the same time, the content of the borrowers table is already updated with the new userid. So no patron object is found. As a consequence, $patron->password_expired is called on an undefined patron (without checking if it exists). So, maybe while self-modifying the userid the session data should also be updated? Would it work? And how about SSO methods, should any of them be used? -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31431 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |DUPLICATE --- Comment #4 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- *** This bug has been marked as a duplicate of bug 33851 *** -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31431 --- Comment #5 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- *** This bug has been marked as a duplicate of bug 33815 *** -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org