Bug 1303992

Summary: User can delete himself
Product: Red Hat Storage Console Reporter: Lubos Trilety <ltrilety>
Component: UIAssignee: sankarshan <sankarshan>
Status: CLOSED WONTFIX QA Contact: sds-qe-bugs
Severity: medium Docs Contact:
Priority: unspecified    
Version: 2CC: mkudlej, nthomas, sankarshan
Target Milestone: ---Keywords: TestBlocker
Target Release: 3   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: rhscon-ui-0.0.23-1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-03-23 04:10:59 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Lubos Trilety 2016-02-02 16:01:18 UTC 
Description of problem:
Admin user is able to delete any user even himself and even when there is no other user.

Version-Release number of selected component (if applicable):
rhscon-core-0.0.8-1.el7.x86_64
rhscon-ceph-0.0.6-1.el7.x86_64
rhscon-ui-0.0.7-1.el7.noarch

How reproducible:
100%

Steps to Reproduce:
1. Go to Admin page and try to delete an user which is currently logged in

Actual results:
User is deleted. After any click it fails and so the page is re-routed to log page. However the session is still active so it's not possible to log as any user. Only possibility is to remove saved cookies from the browser.

Expected results:
User should not be able to remove himself from the user list.

Additional info:
Note that if the last user is removed clear of browser cookies doesn't help.
Comment 1 Dhivya Sivaprakasam 2016-02-09 09:18:46 UTC 
https://review.gerrithub.io/#/c/262381/
Comment 4 Martin Kudlej 2016-07-01 11:32:44 UTC 
Tested with rhscon-ui-0.0.43-1.el7scon.noarch and I still see issue. ->Assigned