[Koha-bugs] [Bug 26912] Expired staff accounts can still log in to Koha staff intranet, SIP, API, etc.
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Nov 4 13:12:35 CET 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=26912
--- Comment #6 from Kyle M Hall <kyle at bywatersolutions.com> ---
(In reply to David Cook from comment #5)
> (In reply to Katrin Fischer from comment #2)
> > A changed password can't be queried, I like the idea of an enable/disable
> > functionality for the permissions. You would still want to allow OPAC
> > logins, but block staff.
>
> We could query it if we changed the password field to "!". I feel that's
> something that Koha sometimes does?
I'm not seeing the in the code with some basic grepping. The problem I see with
that is, again, that it changes data about the user. The user's password is
then lost, and without additional data ( public note, private note ), the
reason for the password being changed would be unknown.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list