two user in two client duplicate account make just one user can login, and list of role is combine of two user
Description
Redo step: 1. config to use email for login 2. modify value of email and password of "garden admin" same as "superUser" 3. login with this email and password.
issue 1: just user superUser is login. never select "garden admin" it's by logic in get(Properties ctx, String name) in class MUser update: it's can't guess. sometime is this user sometime is other user
issue 2: list of role is combine of two user => some role name is duplicate it's by login in getRole sql
This is a harmless corner case that is easily solved configuring properly the users.
The case is just reproducible if a System user is configured with same email, role and password than a tenant user - which is not a proper way to configure users.
Carlos Ruiz September 4, 2016 at 9:42 AM
@hieplq, I think this problem is not between two tenants, but the problem arise when a System user (like SuperUser) has the same role/email/pass as a tenant user - which is not an usual case I think and it can be managed easily removing the role from the System user, or assigning a different password.
Minor
Redo step:
1. config to use email for login
2. modify value of email and password of "garden admin" same as "superUser"
3. login with this email and password.
issue 1: just user superUser is login. never select "garden admin"
it's by logic in
get(Properties ctx, String name) in class MUser
update: it's can't guess. sometime is this user sometime is other user
issue 2: list of role is combine of two user => some role name is duplicate
it's by login in getRole sql