[
https://issues.apache.org/jira/browse/COUCHDB-1374?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marcos Zanona closed COUCHDB-1374.
----------------------------------
Resolution: Later
> Server Admin never gets deleted
> -------------------------------
>
> Key: COUCHDB-1374
> URL: https://issues.apache.org/jira/browse/COUCHDB-1374
> Project: CouchDB
> Issue Type: Bug
> Components: Futon, Infrastructure
> Affects Versions: 1.1.1
> Reporter: Marcos Zanona
> Labels: admin, login, security, validation
> Fix For: 1.2, 1.3, 1.1.2
>
>
> It seems that when creating a Server Admin and then deleting that same user
> with another admin makes the first user stay active, resulting in a no
> deletion and doesn't block the access to the old admin access.
> It becomes marked as {"error":"not_found","reason":"deleted"} but still
> having access to the whole system as an admin.
> Also, Futon let's you create another simple user with the same name as the
> deleted server admin without any problem, resulting on a password change for
> the old server admin, but that user will stay as a server admin even if that
> wasn't the original intention.
> * I have experienced this creating these users through Futon by using the
> "Setup more admins" popup
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
