Make WordPress Core

Opened 13 years ago

Closed 13 years ago

#19684 closed defect (bug) (fixed)

Users list 'Change role to' allows for changing logged-in Admin role to Subscriber

Reported by: raamdev
Owned by: ryan
Milestone: 3.3.1
Priority: normal
Severity: major
Version: 3.3
Component: Users
Keywords: has-patch commit
Focuses:
Cc:

Description

While it's not possible for an Administrator to change his or her own role to Subscriber from the Edit Profile page (the drop-down doesn't exist for logged-in Admins), it is possible to change your own role to Subscriber from within the Users list by using the 'Change role to...' drop-down.

This would allow an Administrator to inadvertently lock themselves out of WordPress if they forget to uncheck their account in the list when making bulk updates.

To recreate this issue, first create an additional Administrator account so you can get back in. Then from the Users list, select your current Administrator account (i.e., the one you're logged in with) and then choose 'Change role to' -> Subscriber.

You'll immediately be kicked out of the Admin panel. (Now you can login with the other Admin account and change your role back to Administrator.)

Attachments (1)

19684.patch (872 bytes) - added by linuxologos 13 years ago.


Change History (12)

#1 @raamdev
13 years ago

  • Cc raam@… added

#2 @knutsp
13 years ago

  • Cc knut@… added

#3 @linuxologos
13 years ago

  • Component changed from General to Users
  • Keywords needs-patch added
  • Severity changed from normal to major

Introduced in [19024] for #18164.

#4 @nacin
13 years ago

  • Milestone changed from Awaiting Review to 3.3.1

I must have thought that was in an is_multisite() block. Logic fix should be simple.

@linuxologos
13 years ago

#5 @linuxologos
13 years ago

  • Keywords has-patch added; needs-patch removed

#6 follow-up: @nacin
13 years ago

In [19640]:

Only allow _multisite_ super admins to demote themselves on a site. props linuxologos, see #19684 for trunk.

#7 @nacin
13 years ago

Marking as commit for the 3.3 branch, after additional review.

#8 @nacin
13 years ago

  • Keywords commit added

#9 in reply to: ↑ 6; follow-up: @scribu
13 years ago

Replying to nacin:

In [19640]:

Only allow _multisite_ super admins to demote themselves on a site. props linuxologos, see #19684 for trunk.

I was under the impression that "super admin" is exclusively a multisite feature.

#10 in reply to: ↑ 9 @nacin
13 years ago

Replying to scribu:

Replying to nacin:

In [19640]:

Only allow _multisite_ super admins to demote themselves on a site. props linuxologos, see #19684 for trunk.

I was under the impression that "super admin" is exclusively a multisite feature.

It is, but is_super_admin() returns true in single-site for administrators (it checks delete_users). We found this to be useful during the merge.
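As an added illustration of the single-site quirk described in comment #10, the PHP below models the self-demotion guard before and after the fix. This is not WordPress core code and not the attached 19684.patch; is_multisite(), is_super_admin() and the delete_users capability are real WordPress names the ticket mentions, while the $env array, mock_is_super_admin(), self_demotion_allowed() and the promote_users test are assumptions made for this example.

```php
<?php
// Added example: models the "Change role to" self-demotion guard from this
// ticket. It is not WordPress core code and not the attached patch. The
// $env array, mock_is_super_admin() and self_demotion_allowed() are
// assumptions made for illustration.

/**
 * Reproduce is_super_admin() as comment #10 describes it: on multisite it
 * reflects the network super admin list; on single-site it is true for any
 * user holding the delete_users capability, i.e. every Administrator.
 */
function mock_is_super_admin( array $env ) {
    if ( $env['multisite'] ) {
        return $env['network_super_admin'];
    }
    return in_array( 'delete_users', $env['current_user_caps'], true );
}

/**
 * Decide whether the logged-in user may apply a role with $new_role_caps to
 * their own account via the Users list. $fixed selects the guard from
 * [19640]/[19646] instead of the one introduced in [19024].
 */
function self_demotion_allowed( array $env, array $new_role_caps, $fixed ) {
    // Assumption: a role change only counts as a demotion when the new role
    // can no longer promote users, i.e. the admin would lose control of roles.
    if ( in_array( 'promote_users', $new_role_caps, true ) ) {
        return true;
    }
    if ( ! $fixed ) {
        // [19024]: trust is_super_admin() alone. On single-site this is true
        // for every Administrator, so the demotion goes through and the admin
        // locks themselves out (the bug reported in this ticket).
        return mock_is_super_admin( $env );
    }
    // Fix: only a real multisite super admin, who can recover through the
    // network admin, may demote themselves on a site.
    return $env['multisite'] && mock_is_super_admin( $env );
}

// Constructed scenarios: capability lists are sample sets, not a full role map.
$admin_caps      = array( 'delete_users', 'promote_users', 'manage_options' );
$subscriber_caps = array( 'read' );

$scenarios = array(
    'single-site Administrator -> Subscriber' => array(
        'multisite'           => false,
        'network_super_admin' => false,
        'current_user_caps'   => $admin_caps,
    ),
    'multisite site admin (not super admin) -> Subscriber' => array(
        'multisite'           => true,
        'network_super_admin' => false,
        'current_user_caps'   => $admin_caps,
    ),
    'multisite super admin -> Subscriber' => array(
        'multisite'           => true,
        'network_super_admin' => true,
        'current_user_caps'   => $admin_caps,
    ),
);

foreach ( $scenarios as $label => $env ) {
    $before = self_demotion_allowed( $env, $subscriber_caps, false ) ? 'allowed (lockout)' : 'blocked';
    $after  = self_demotion_allowed( $env, $subscriber_caps, true ) ? 'allowed' : 'blocked';
    printf( "%-55s before: %-18s after: %s\n", $label, $before, $after );
}
```

Run with `php` from the command line; no WordPress install is needed because the two functions above stand in for the capability lookups. The first scenario is the one the reporter hit: with the original guard a single-site Administrator passes the is_super_admin() check and can demote themselves, while the corrected guard requires is_multisite() as well, so the request is refused.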

#11 @ryan
13 years ago

  • Owner set to ryan
  • Resolution set to fixed
  • Status changed from new to closed

In [19646]:

Only allow _multisite_ super admins to demote themselves on a site. props linuxologos, fixes #19684 for 3.3
