Bug #32873
Value changes for logged in account are not persisted due to session serialization
| Status: | Accepted | Start date: | 2011-12-29 | |
|---|---|---|---|---|
| Priority: | Must have | Due date: | ||
| Assigned To: | Karsten Dambekalns | % Done: | 0% |
|
| Category: | - | |||
| Target version: | - | |||
| PHP Version: | 5.3 | Complexity: | ||
| Has patch: | No | Affected Flow version: | Git master |
Description
Scenario: Change accountIdentifier or credentialsSource on an account (\TYPO3\FLOW3\Security\Account), while being logged in with that account. No values are persisted to the database, because the account is fetched from the serialized session and not loaded from the database. This happened using a fluid form with the account being send to an update action, and then using the accountRepository->update method.
It doesn't matter if the account is fetched originally through the accountRepository or the securityContext, which makes sense since it's just being passed as form data with an identifier..
I've looked in the session files (Temporary/Development/Sessions), where I can se the serialized account (TYPO3\FLOW3\Security\Account)
Quote from Andi: I think this was introduced with the 1.1 stuff and the new bootstrap…
Related issues
History
#1 Updated by Karsten Dambekalns over 3 years ago
- Status changed from New to Accepted
- Assigned To set to Karsten Dambekalns