Ticket #10133 (closed defect: fixed)

Opened 11 months ago

Last modified 7 months ago

menu item displayed as strange artifact when having no permission for it

Reported by: falkb Assigned to: rjollos
Priority: normal Component: MenusPlugin
Severity: normal Keywords:
Cc: rjollos Trac Release: 0.12

Description

Users without permission BROWSER_VIEW (and TIME_VIEW of TimingAndEstimationPlugin) actually should not see the appropriate menu items.

But they see this here:

Please, hide those strange menu artifacts.

I added rjollos because it seems he's the current maintainer.

Attachments

menu.PNG (0.9 kB) - added by falkb on 07/04/12 10:01:24.

Change History

07/04/12 10:01:24 changed by falkb

  • attachment menu.PNG added.

(follow-up: ↓ 4 ) 07/04/12 11:05:32 changed by falkb

We found out the reason seems to be this setup in trac.ini: 

[mainnav]
billing = enabled
browser = enabled

Now as I removed both entries for billing and browser, the problem disappeared.

It seems, the permissions are not checked correctly at rendering menu items...

10/10/12 01:16:11 changed by rjollos

  • status changed from new to assigned.
  • owner changed from cbalan to rjollos.

10/11/12 01:45:05 changed by rjollos

(In [12144]) Refs #10133: Renamed 0.11 directory to trunk.

(in reply to: ↑ 1 ; follow-up: ↓ 8 ) 10/11/12 02:25:14 changed by rjollos

Replying to falkb:

It seems, the permissions are not checked correctly at rendering menu items...

I can't think of how the permission could be checked in a straightforward way, since all you've done is defined an entry, but no path_info or other data to match it to a module. How does the MenusPlugin know, in a general way, that the browser entry in trac.ini is associated with the BrowserModule and the path /browser, and therefore should only be shown when the BROWSER_VIEW permission is present? Do you see a way?

However, I will commit a fix that prevents the display of entries that don't result in a valid link element.

10/11/12 02:26:11 changed by rjollos

  • status changed from assigned to closed.
  • resolution set to fixed.

(In [12145]) Fixes #10133: Don't show entries in the navigation bar if a label with a link element is not defined.

10/11/12 02:31:53 changed by rjollos

(In [12146]) Refs #10133: Removed unnecessary continue statements.

10/11/12 02:42:05 changed by rjollos

(In [12147]) Refs #10133: Added else case so that logic is the same as before [12145].

(in reply to: ↑ 4 ) 10/11/12 08:37:39 changed by falkb

Replying to rjollos:

Do you see a way?

No, I don't

However, I will commit a fix

Thanks!

10/11/12 20:40:13 changed by rjollos

Let me know if you've had a chance to test it out. I'm hesitant to touch the plugin again without setting up unit tests to make sure I'm not introducing regressions.

10/12/12 09:13:42 changed by falkb

Tested with 0.12 and 1.0, it works well.

Add/Change #10133 (menu item displayed as strange artifact when having no permission for it)




Change Properties
Action