Anonymous Login
2019-08-19 03:04 PDT

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0001631v3.4 Release (Current)Projectspublic2019-01-03 12:53
Reporteropto 
Assigned Tocaseydk 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusclosedResolutionfixed 
Product Version 
Target VersionFixed in Version 
Summary0001631: no of projects in tab title is wrong, not based on permissions
Descriptionhave a guest user with access to one company, access all projects, view one specific project
he can see only one project.

but the tabs hold the number of projects he cannot see (like 16 for in progress although his viewable project is in another status).

He cannot view those projects, but should not see the number either
TagsNo tags attached.
Attached Files

-Relationships
+Relationships

-Notes

~0003675

caseydk (administrator)

I can't reproduce this one..

I've tried by taking an existing user and blocking them from seeing companies - sure enough the project counts go down - or by creating a new user and only giving them access to certain companies. And sure enough, they only see those companies' projects.

Can you give me a bit more guidance on fixing this one?

~0003702

opto (manager)

have a company with say 10 projects
have a user with the following permissions:
companies: access to one company only
projects: access to all projects
projects: view to one project

(if not access to all projects, there is no projects itm in the top menu bar).

no go to projects:

all tabs give the number of projects in that tab in the tab name. The numbers are wrong because they are calculated without permissions in mind.

Going into the tabs, the wrongly displayed projects cannot be accessed, but they should not be displayed either. This gives away their project names etc, which should not be accessible if the user has access and view to one project only.

Is this clearer now?

~0003719

caseydk (administrator)

Resolved:
https://github.com/web2project/web2project/commit/4f0156a6f831673c5375a3dc705e414bb6df119a

~0003924

caseydk (administrator)

In the 31 Dec 2018 release: http://docs.web2project.net/release-notes/3.4.html
+Notes

-Issue History
Date Modified Username Field Change
2014-10-11 02:35 opto New Issue
2014-10-11 02:58 opto Summary no of projects in tabs is wrong, not based on permissions => no of projects in tab title is wrong, not based on permissions
2014-10-11 20:19 caseydk Note Added: 0003675
2014-10-11 20:19 caseydk Assigned To => caseydk
2014-10-11 20:19 caseydk Status new => feedback
2014-10-19 13:47 opto Note Added: 0003702
2014-10-19 13:47 opto Status feedback => assigned
2014-11-21 21:37 caseydk Note Added: 0003719
2014-11-21 21:37 caseydk Status assigned => resolved
2014-11-21 21:37 caseydk Fixed in Version => 3.3
2014-11-21 21:37 caseydk Resolution open => fixed
2016-12-26 23:37 caseydk Project v3.3 Release => v3.4 Release (Current)
2019-01-03 12:53 caseydk Note Added: 0003924
2019-01-03 12:53 caseydk Status resolved => closed
+Issue History