# Ticket #10133 (closed defect: fixed)

Opened 11 months ago

## menu item displayed as strange artifact when having no permission for it

Reported by: Assigned to: falkb rjollos normal MenusPlugin normal rjollos 0.12

### Description

Users without permission BROWSER_VIEW (and TIME_VIEW of TimingAndEstimationPlugin) actually should not see the appropriate menu items.

But they see this here:

I added rjollos because it seems he's the current maintainer.

## Change History

### (follow-up: ↓ 4 ) 07/04/12 11:05:32 changed by falkb

We found out the reason seems to be this setup in trac.ini:

[mainnav]
billing = enabled
browser = enabled


Now as I removed both entries for billing and browser, the problem disappeared.

It seems, the permissions are not checked correctly at rendering menu items...

### 10/10/12 01:16:11 changed by rjollos

• status changed from new to assigned.
• owner changed from cbalan to rjollos.

### 10/11/12 01:45:05 changed by rjollos

(In [12144]) Refs #10133: Renamed 0.11 directory to trunk.

### (in reply to: ↑ 1 ; follow-up: ↓ 8 ) 10/11/12 02:25:14 changed by rjollos

It seems, the permissions are not checked correctly at rendering menu items...

I can't think of how the permission could be checked in a straightforward way, since all you've done is defined an entry, but no path_info or other data to match it to a module. How does the MenusPlugin know, in a general way, that the browser entry in trac.ini is associated with the BrowserModule and the path /browser, and therefore should only be shown when the BROWSER_VIEW permission is present? Do you see a way?

However, I will commit a fix that prevents the display of entries that don't result in a valid link element.

### 10/11/12 02:26:11 changed by rjollos

• status changed from assigned to closed.
• resolution set to fixed.

(In [12145]) Fixes #10133: Don't show entries in the navigation bar if a label with a link element is not defined.

### 10/11/12 02:31:53 changed by rjollos

(In [12146]) Refs #10133: Removed unnecessary continue statements.

### 10/11/12 02:42:05 changed by rjollos

(In [12147]) Refs #10133: Added else case so that logic is the same as before [12145].

### (in reply to: ↑ 4 ) 10/11/12 08:37:39 changed by falkb

Do you see a way?

No, I don't

However, I will commit a fix

Thanks!

### 10/11/12 20:40:13 changed by rjollos

Let me know if you've had a chance to test it out. I'm hesitant to touch the plugin again without setting up unit tests to make sure I'm not introducing regressions.

### 10/12/12 09:13:42 changed by falkb

Tested with 0.12 and 1.0, it works well.

### Add/Change #10133 (menu item displayed as strange artifact when having no permission for it)

Change Properties