Modify ↓
#14346 closed defect (fixed)
Notification email contains CC addresses in clear
Reported by: | bmispelon | Owned by: | Jun Omae |
---|---|---|---|
Priority: | normal | Component: | TracHtmlNotificationPlugin |
Severity: | normal | Keywords: | |
Cc: | Trac Release: |
Description
My site is configured so that email addresses are obfuscated for non-admin users (EMAIL_VIEW
permission).
However, when using the HTML notification plugin the full CC field is displayed in the email, with no obfuscation.
This happens because the plugin passes a MockPerm
to the ticket module.
I'm attaching a patch that fixes this by using a proper PermissionCache
object instead of MockPerm
.
Attachments (2)
Change History (6)
Changed 6 months ago by
Attachment: | use_permission_cache.diff added |
---|
comment:1 Changed 6 months ago by
Status: | new → accepted |
---|
Changed 6 months ago by
Attachment: | use_permission_cache_with_tests.diff added |
---|
Same patch but with a test (and fixes for the test suite to run under python3 + trac 1.6)
comment:2 follow-up: 4 Changed 6 months ago by
Resolution: | → fixed |
---|---|
Status: | accepted → closed |
Fixed in [18646] (manually comment because hooks/post-commit failed to start...).
comment:4 Changed 6 months ago by
Note: See
TracTickets for help on using
tickets.
Good catch. The patch seems likely to be good.