Bug #42436 When the only Admin role is changed to agent, redir to setup.action no button
Submitted: 28 Jan 2009 19:08 Modified: 17 Jul 2009 10:48
Reporter: Shannon Wade Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Enterprise Monitor: Web Severity:S3 (Non-critical)
Version:2.0.0.7092 OS:Any
Assigned to: Josh Sled CPU Architecture:Any
Tags: mem_discuss_me

[28 Jan 2009 19:08] Shannon Wade 
Description:
When you accidentally or purposely change the *only* Admin user role to agent, you are redirected to setup.action screen to 'Create Administrator' user. However there is no continue button and enter key doesn't cause it to post either, this is probably good thing as if you did this accidentally and didn't notice it, the next person to visit url could set it...however you still cannot setup a new admin user. Work around was to change role in mem/user table via cli.

How to repeat:
In Dashboard change the only Admin user role to 'agent', Logout, then go to dashboard login, you will be redirected to setup.action screen to 'Create Administrator' user.

Suggested fix:
Ensure there must always be at least one 'manager' role, before changing a role from 'manager' to something else.
[19 Feb 2009 18:03] Gary Whizin 
NOTE: seems invalid to -

1) convert currently logged in user to an agent (maybe never allow someone to change the logged in user to agent? Or change logged in user level at all)

2) change the only manager account to something other than manager (should have 1 manager around always)
[12 Jun 2009 19:32] Sloan Childers 
The currently logged in user should not be able to change their role.  Let's just block that.
[26 Jun 2009 20:02] Enterprise Tools JIRA Robot 
Josh Sled writes: 
revno: 7286
revision-id: jsled@asynchronous.org-20090626194755-qxt0bgxtacb2hk9x
parent: jsled@asynchronous.org-20090626173459-skj53zzi8deilpk6
committer: Josh Sled <jsled@asynchronous.org>
branch nick: local
timestamp: Fri 2009-06-26 15:47:55 -0400
message:
  EM-3040, Bug#42436: disallow the current user from changing their User's role
[2 Jul 2009 18:32] Marcos Palacios 
Verified fixed in service manager build 2.1.0.1073.
[17 Jul 2009 10:48] Tony Bedford 
A 'change' entry was added to the 2.1.0 changelog:

In the Enterprise Dashboard, it was possible to change the last remaining user with a manager role to having an agent role. This led to a problem whereby when attempting to subsequently login to the Dashboard, this caused redirection to the setup.action page which presents the Create Administrator facility. However, there was no Continue button on this page, so it was not possible to create the administrative account.

The Dashboard has now been changed so that the currently logged in user is not able to change their role.