Opened 9 years ago

Closed 3 years ago

#1994 closed defect (wontfix)

Edit Report on another users report with TRAC_ADMIN privs misdirects to your report

Reported by: jhulten Owned by: coderanger
Priority: normal Component: PersonalReportsPlugin
Severity: normal Keywords:
Cc: Trac Release: 0.10


To repro:

  1. Create two users, both with REPORT_PERSONAL priv, one with TRAC_ADMIN priv.
  2. Create a report as the non-admin user.
  3. View the report as the admin user.
  4. Click the Edit Report button.
  5. See that it gives you the admin users report, not the non-admin users report.

I suspect that (far more dangerously) delete works the same way.

Attachments (0)

Change History (1)

comment:1 Changed 3 years ago by rjollos

  • Resolution set to wontfix
  • Status changed from new to closed

This plugin is deprecated. Please see the PrivateReportsPlugin for a replacement

Add Comment

Modify Ticket

as closed The owner will remain coderanger.
The resolution will be deleted. Next status will be 'reopened'.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.