Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add superuser access to a user is not possible when SSO is used #19169

Closed
mstenz opened this issue May 3, 2022 · 11 comments · Fixed by #19525
Closed

Add superuser access to a user is not possible when SSO is used #19169

mstenz opened this issue May 3, 2022 · 11 comments · Fixed by #19525
Assignees
@sgiehl
Labels
Bug For errors / faults / flaws / inconsistencies etc. not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org.
Milestone
4.12.0

Comments

@mstenz
Copy link

mstenz commented May 3, 2022

Expected Behavior

There is no input form for password received (because the user does not know/have a password)

Current Behavior

A popup is showing that request the user got given his password, which he doesn't know.

Possible Solution

see "Expected Behaviour"

Steps to Reproduce (for Bugs)

  1. got to the admin panel with a user that has logged in via SSO
  2. go to System -> Users
  3. choose a user that is not a superuser
  4. enable superuser access (the popup appears)

Your Environment

Matomo Version 4.9.0
PHP version >= 7.2.5 8.0.12
PHP_OS Linux
@mstenz mstenz added the Potential Bug Something that might be a bug, but needs validation and confirmation it can be reproduced. label May 3, 2022
@sgiehl
Copy link
Member

sgiehl commented May 3, 2022

Hi @mstenz
Which plugin are you using for SSO access? Are you using the SAML plugin or LoginLDAP plugin?

@mstenz
Copy link
Author

mstenz commented May 3, 2022

@sgiehl Hi, I am using LoginOIDC, because it authenticates with Gitlab

@sgiehl
Copy link
Member

sgiehl commented May 9, 2022

Iirc we had similar issues with LoginLdap, but can't remember if there was a solution for that. Maybe @tsteur or @diosmosis know?

@tsteur
Copy link
Member

tsteur commented May 9, 2022

@sgiehl had a quick search in the LoginLdap Issues. There was this PR: matomo-org/plugin-LoginLdap#185 maybe it's that? I couldn't find anything else

@mstenz mstenz mentioned this issue May 9, 2022
Closed
@sgiehl sgiehl mentioned this issue May 18, 2022
Closed
@miton18
Copy link

miton18 commented May 18, 2022

Same issue here with LoginOIDC plugin
#19235

@sgiehl sgiehl added this to the For Prioritization milestone Jun 3, 2022
@miton18
Copy link

miton18 commented Jun 13, 2022

Do you know when the prioritization will occur ?

@bat79a
Copy link

bat79a commented Jun 20, 2022

+1 ;p

@miton18
Copy link

miton18 commented Jul 4, 2022

up ;-)

@justinvelluppillai
Copy link
Contributor

Adding to current milestone.

@sgiehl sgiehl self-assigned this Jul 14, 2022
@sgiehl sgiehl mentioned this issue Jul 14, 2022
Merged
11 tasks
@sgiehl
Copy link
Member

sgiehl commented Jul 14, 2022
edited

@mstenz @miton18 With #19525 we will most likely introduce a new event, which can then be used to disabled the password confirmation for certain users in UI and API. Login plugins will then need to implement this event.

@mstenz
Copy link
Author

mstenz commented Jul 14, 2022

perfect, thank you

@sgiehl sgiehl added Bug For errors / faults / flaws / inconsistencies etc. and removed Potential Bug Something that might be a bug, but needs validation and confirmation it can be reproduced. labels Jul 21, 2022
@mstenz mstenz mentioned this issue Jul 27, 2022
Closed
@justinvelluppillai justinvelluppillai added the not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org. label Sep 29, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sgiehl sgiehl

Labels
Bug For errors / faults / flaws / inconsistencies etc. not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org.
Projects
None yet
Milestone
4.12.0
Development

Successfully merging a pull request may close this issue.

Improve password confirmation in UI & API matomo-org/matomo
6 participants
@tsteur @justinvelluppillai @sgiehl @miton18 @mstenz @bat79a