the permission checked for is SENSITIVE_VIEW but viewing tickets shows a TICKET_VIEW permission error
|Reported by:||k0s||Owned by:||dkgdkg|
|Cc:||k0s, mitar||Trac Release:||0.11|
on tickets marked as Sensitive, viewing them shows the following message
Forbidden: TICKET_VIEW privileges needed.
The permission checked for is SENSITIVE_VIEW.
Note that this is not necessarily undesirable. While no real security is provided by hiding evidence that the ticket is sensitive, neither does it hurt the functionality of the SensitiveTicketsPlugin. Since the trac tickets are ordered, anyone seeking to know which tickets are sensitive can request them incrementally.
Change History (6)
comment:3 Changed 5 years ago by hasienda
- Keywords error wording added
- Owner changed from obs to dkgdkg
comment:5 follow-up: ↓ 6 Changed 4 years ago by anonymous
- Priority changed from low to highest
- Severity changed from trivial to blocker