Modify ↓
Opened 12 years ago
Closed 7 years ago
#9965 closed enhancement (cantfix)
Reports can consist of many pages with no entries
| Reported by: | Ryan J Ollos | Owned by: | Ryan J Ollos |
|---|---|---|---|
| Priority: | normal | Component: | PrivateTicketsPlugin |
| Severity: | normal | Keywords: | security |
| Cc: | Trac Release: | 0.12 |
Description (last modified by )
Here is Page 1 for Report {1}:
Pages 2 and 4 look the same as Page 1.
Here is Page 3 for Report {1}:
It looks as though the page is rendered, and then all the tickets that are not viewable by this user are dropped. We need to figure out how to aggregate the entries to a single page, and only show a count that represents what the user can view. In fact, showing a count for a particular report that includes tickets a user cannot view might be considered a minor security hole.
Attachments (2)
Change History (6)
Changed 12 years ago by
| Attachment: | Report1-Page1.png added |
|---|
Changed 12 years ago by
| Attachment: | Report1-Page3.png added |
|---|
comment:1 Changed 12 years ago by
| Description: | modified (diff) |
|---|
comment:2 Changed 12 years ago by
comment:3 Changed 10 years ago by
| Status: | new → assigned |
|---|
comment:4 Changed 7 years ago by
| Resolution: | → cantfix |
|---|---|
| Status: | assigned → closed |
Note: See
TracTickets for help on using
tickets.
Appears to be a duplicate of #3674. The corresponding ticket in the Trac core is t:#7608. If we close this as wontfix, then at the very least we should document the issue on the wiki page.