You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To add to this maybe: All users that can delete other users should not be able to delete itself. To achieve this you can check who made the request(Dont know your jwt structure but you can add info like this to the jwt aswell) and compare with the user that is about to be deleted (user delete id same as the one in the jwt? dont delete send an error).
Some edge-cases thoughts or possible user requirements
What if I want to remove myself from a company?
Then someone else does this 😅
I want to delete the last super user and all other users
Basically a system wipe - just delete the whole system in this case 😅
* Fix admin self-delete
* Fix missing JEST cleanup
* Add UI warning for user deletion
* Update JEST cases
* Fix typos and lint warning
Co-authored-by: Philipp Backes <philippbackes95@gmail.com>
Describe the bug
As a Super-User I can delete my account in the CMS and I'm still in "logged-in" state.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Account of the first Super-User has to be protected and undeletable!
The text was updated successfully, but these errors were encountered: