I am having a little problem with the Schools app, I might be missing something, maybe someone can point me in the right direction, and hopefully its not a bug.
It appears when a registered customer is deleted fully by an admin, the customer can still relogin and it even goes as far as the customer’s record being re-inserted into the MariaDB upon relogin of that same customer from their computer, this happens for the master and develop branch of the app, someone can please test this out to confirm.
Another issue… a user cannot be deleted by an admin when that user is currently logged in, It gives a “User is linked with communication XXXXX…” error where “XXXXX” represents the id of the “logged in” communication with the system and these communications cannot be deleted from the app even by an admin, although I understand the rationale behind this for a system user as far as DB Integrity Check is concerned, but, for a website user with a malicious intent, this might be a bit limiting for the admin as a user can knowingly keep a session alive to exploit any vulnerability detected, and also, for a system user, I believe this is what caching and DB rollbacks can also be used for.
Anyway I might have judged too early, please clarify where I could be totally derailing.
Thank and regards