Opened 8 years ago
Last modified 6 years ago
#39170 new defect (bug)
Remove connection between network email and super admin account
Reported by: | flixos90 | Owned by: | |
---|---|---|---|
Milestone: | Future Release | Priority: | normal |
Severity: | normal | Version: | |
Component: | Networks and Sites | Keywords: | 2nd-opinion has-patch has-unit-tests |
Focuses: | multisite | Cc: |
Description
While looking at #34293, I came across the restriction that a user's super admin capabilities cannot be revoked when that user has the same email address that is currently specified as network (admin) email address.
I just chat about this with @johnbillion and he agreed that the connection between the network email and a super admin doesn't really make sense, especially since one can easily work around it by temporarily changing the network email address before revoking super admin caps on the user. He also pointed to #14051 where the change was made, however even on that ticket there are concerns about inconsistency expressed.
I think this restriction should be removed so that any super admin can have their capabilities revoked regardless of email address. This would also clarify the meaning of the network email address (which we would then change to display as something like "Network Email" or "Network Notification Email").
Any information on the history why that change was made in the first place would be welcome, because on the ticket itself the comments seem to agree on what I'm describing here, although in the end the changeset still introduces the restriction without any documented context.
39170.diff gets rid of the restriction. In relation to that a
manage_network_options
cap check has been removed since having this capability should no longer be relevant as the network email is no longer connected to super admins. The patch also adds a unit test to ensure that super admin privileges of a user with the network email address can be properly revoked.