0010532: ModifyUser Method may disable the calling user

ID	Project	Category	View Status	Date Submitted	Last Update

0010532	10000-018: Role-Based Security	Spec	public	2025-09-22 11:29	2025-09-25 14:21

Reporter	Matthias Damm	Assigned To	Matthias Damm
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	fixed
Product Version	1.05.06 RC1
Fixed in Version	1.05.06

Summary	0010532: ModifyUser Method may disable the calling user
Description	Review comment from 1.05.06 RC In RemoveUser we do not allow to remove a user that is used for the session calling the remove to prevent a lock-out of the session doing the configuration. This can also happen for ModifyUser if the user calling the method is disabled (UserConfiguration bit Disabled). We need something like the following sentence from RemoveUser für Disable of connected user: If the user of the Session used to call the Method is to be removed, the Method shall fail with Bad_InvalidSelfReference.
Tags	No tags attached.

Commit Version
Fix Due Date

Matthias Damm 2025-09-22 11:31 developer ~0023316	Added the following handling to the description of" 5.2.6 ModifyUser Method" If the user of the Session used to call the Method is to be disabled, the Method shall fail with Bad_InvalidSelfReference.

Jim Luth 2025-09-25 14:21 administrator ~0023378	Agreed to changes edited in F2F meeting.

Date Modified	Username	Field	Change
2025-09-22 11:29	Matthias Damm	New Issue
2025-09-22 11:29	Matthias Damm	Status	new => assigned
2025-09-22 11:29	Matthias Damm	Assigned To	=> Matthias Damm
2025-09-22 11:31	Matthias Damm	Status	assigned => resolved
2025-09-22 11:31	Matthias Damm	Resolution	open => fixed
2025-09-22 11:31	Matthias Damm	Fixed in Version	=> 1.05.06
2025-09-22 11:31	Matthias Damm	Note Added: 0023316
2025-09-25 14:21	Jim Luth	Status	resolved => closed
2025-09-25 14:21	Jim Luth	Note Added: 0023378