Opened 5 years ago

Closed 4 years ago

#6278 closed defect (duplicate)

improper handling of groups

Reported by: csalgau-th@… Owned by: coderanger
Priority: normal Component: PrivateTicketsPlugin
Severity: normal Keywords:
Cc: Trac Release: 0.11


Unless I incorrectly understand Trac permission management, a permission action is restricted to uppercase only, while a permission group is forced to not be uppercase only. This means you can have a group called TICKET_modify and give it TICKET_MODIFY rights. The current revision of PrivateTicketsPlugin incorrectly considers groups as lowercase. revision 3760, line 125: if subject in groups and action.islower() and action not in groups: tests if the current action is lowercase, which excludes groups containing uppercase characters

Attachments (1)

policy.patch (710 bytes) - added by csalgau-th@… 5 years ago.
proposed fix. winmerge diff

Download all attachments as: .zip

Change History (3)

Changed 5 years ago by csalgau-th@…

proposed fix. winmerge diff

comment:1 Changed 4 years ago by rjollos

Duplicate of #3222.

comment:2 Changed 4 years ago by rjollos

  • Resolution set to duplicate
  • Status changed from new to closed

Add Comment

Modify Ticket

as closed The owner will remain coderanger.
The resolution will be deleted. Next status will be 'reopened'.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.