Edit Report on another users report with TRAC_ADMIN privs misdirects to your report
|Reported by:||Jeffrey Hulten||Owned by:||Noah Kantrowitz|
- Create two users, both with REPORT_PERSONAL priv, one with TRAC_ADMIN priv.
- Create a report as the non-admin user.
- View the report as the admin user.
- Click the Edit Report button.
- See that it gives you the admin users report, not the non-admin users report.
I suspect that (far more dangerously) delete works the same way.
Note: See TracTickets for help on using tickets.