Modify

Opened 17 years ago

Closed 10 years ago

#1994 closed defect (wontfix)

Edit Report on another users report with TRAC_ADMIN privs misdirects to your report

Reported by: Jeffrey Hulten Owned by: Noah Kantrowitz
Priority: normal Component: PersonalReportsPlugin
Severity: normal Keywords:
Cc: Trac Release: 0.10

Description

To repro:

  1. Create two users, both with REPORT_PERSONAL priv, one with TRAC_ADMIN priv.
  2. Create a report as the non-admin user.
  3. View the report as the admin user.
  4. Click the Edit Report button.
  5. See that it gives you the admin users report, not the non-admin users report.

I suspect that (far more dangerously) delete works the same way.

Attachments (0)

Change History (1)

comment:1 Changed 10 years ago by Ryan J Ollos

Resolution: wontfix
Status: newclosed

This plugin is deprecated. Please see the PrivateReportsPlugin for a replacement

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Noah Kantrowitz.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment

E-mail address and name can be saved in the Preferences.

AttachmentsDescription
 
Note: See TracTickets for help on using tickets.