menu item displayed as strange artifact when having no permission for it

[falkb]

Users without permission BROWSER_VIEW (and TIME_VIEW of TimingAndEstimationPlugin) actually should not see the appropriate menu items.

But they see this here:

Please, hide those strange menu artifacts.

I added rjollos because it seems he's the current maintainer.

[falkb]

We found out the reason seems to be this setup in trac.ini:

[mainnav]
billing = enabled
browser = enabled

Now as I removed both entries for billing and browser, the problem disappeared.

It seems, the permissions are not checked correctly at rendering menu items...

[Ryan J Ollos]

(In [12144]) Refs #10133: Renamed 0.11 directory to trunk.

[Ryan J Ollos]

Replying to falkb:

It seems, the permissions are not checked correctly at rendering menu items...

I can't think of how the permission could be checked in a straightforward way, since all you've done is defined an entry, but no path_info or other data to match it to a module. How does the MenusPlugin know, in a general way, that the browser entry in trac.ini is associated with the BrowserModule and the path /browser, and therefore should only be shown when the BROWSER_VIEW permission is present? Do you see a way?

However, I will commit a fix that prevents the display of entries that don't result in a valid link element.

[Ryan J Ollos]

(In [12145]) Fixes #10133: Don't show entries in the navigation bar if a label with a link element is not defined.

[Ryan J Ollos]

(In [12146]) Refs #10133: Removed unnecessary continue statements.

[Ryan J Ollos]

(In [12147]) Refs #10133: Added else case so that logic is the same as before [12145].

[falkb]

Replying to rjollos:

Do you see a way?

No, I don't

However, I will commit a fix

Thanks!

[Ryan J Ollos]

Let me know if you've had a chance to test it out. I'm hesitant to touch the plugin again without setting up unit tests to make sure I'm not introducing regressions.

[falkb]

Tested with 0.12 and 1.0, it works well.