Download & Extend
Automated Logout » Issues

Why not autologout user with uid=1

Posted by drupal4peter on February 5, 2009 at 11:38am
Project:Automated Logout
Version:6.x-2.x-dev
Component:Miscellaneous
Category:bug report
Priority:normal
Assigned:Unassigned
Status:closed (fixed)

Issue Summary

Hi,

what is the deeper reason to not autologout the admin (uid=1), fixed in the code ?

If one must be autologout, it should'nt be the admin ? To avoid that another person may continue with admin's session.

Thank you.

Login or register to post comments

Comments

#1

Posted by roball on February 28, 2009 at 5:21pm
Version:5.x-2.2» 6.x-2.1

I can confirm this behavior being also in version 6.x-2.1. It is important to know that the super admin (uid=1) will never be logged out automatically!

#2

Posted by kakarot on November 17, 2009 at 3:09pm

You always can change from autologout.module the conditions like if ($user->uid < 2 || _autologout_by_role()) { to if (_autologout_by_role()) { and if (empty($account->uid) || $account->uid == 1) { to if (empty($account->uid)) {

#3

Posted by roball on November 19, 2009 at 9:47pm

Yes, and thanks for the suggestion - but this should be put into the official code by this module's author. I consider this problem to be a security risk. To autologout the "root" user is more important than taking care of all the other users.

#4

Posted by roball on November 19, 2009 at 9:48pm
Version:6.x-2.1» 6.x-2.2
Category:support request» feature request
Priority:minor» normal

#5

Posted by jvandervort on January 1, 2010 at 11:15pm
Version:6.x-2.2» 6.x-2.x-dev
Status:active» fixed

Seems valid to me. This should be the default. If we need a feature it would be to exempt admin from logout.

#6

Posted by roball on January 2, 2010 at 1:52pm

Why is this issue considered to be "fixed" now?

#7

Posted by jvandervort on January 3, 2010 at 4:59pm

Short answer, Because it was approved, seemed like a good idea, and committed to the dev snapshot.
We'll get some testing, then we'll release a new version.

#8

Posted by System Message on January 17, 2010 at 5:00pm
Status:fixed» closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

#9

Posted by jrglasgow on January 20, 2010 at 3:23am

User 1 didn't have the option to disable automated logout, I have made this possible

#10

Posted by roball on January 23, 2010 at 8:43am

Thank you jrglasgow! Where can I find the option to disable automated logout for user 1 in Automated Logout 6.x-2.4?

#11

Posted by jrglasgow on January 25, 2010 at 5:11pm

roball,
to answer your question... first user 1 needs to be in a role that is set to "by user". Then goto /user/1/edit and there is a checkbox in the "Account information" fieldset "Disable inactivity Automated Logout"

#12

Posted by roball on January 25, 2010 at 7:39pm

Thanks, now I got it!

#13

Posted by seanburlington on April 26, 2010 at 2:25pm
Category:feature request» bug report
Status:closed (fixed)» needs review

Hi,
the code change is great - but a couple of comments got missed

This was very confusing as it looked like the module didn't logout uid=1

Patch attached changes a comment and theme function

AttachmentSize
autologout_369586.patch 749 bytes

#14

Posted by jvandervort on May 18, 2010 at 5:47pm
Status:needs review» fixed

Committed to dev.

#15

Posted by System Message on June 1, 2010 at 5:50pm
Status:fixed» closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

nobody click here