| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
|---|---|---|---|---|---|---|---|---|---|
| 0000227 | v1.1 Release (Closed) | [All Projects] General | public | 2009-08-02 05:17 | 2009-09-09 22:41 | ||||
| Reporter | egemme | ||||||||
| Assigned To | caseydk | ||||||||
| Priority | normal | Severity | tweak | Reproducibility | always | ||||
| Status | closed | Resolution | fixed | ||||||
| Product Version | 1.1 | ||||||||
| Target Version | Fixed in Version | 1.1 | |||||||
| Summary | 0000227: View other user's tasks/todo | ||||||||
| Description | I migrated from dP 2.1.2 and testing w2p 1.1 trunk. I can only view partly other user's tasks or todos(2 out of 7). With few "echo" put hear and there in the code, I've been able to see that the w2PgetUsersList returns the correct full list of users. But isUserPermitted screens out most users. This part of w2P seems to have been heavily rewritten and would I need a clue to interpret how acl tools now deals with this function. I wish to see whether there is a bug there, or is it just a bad acl tables conversion. | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files |
| ||||||||
 Relationships |
|
 Relationships |
| Notes |
|
|
caseydk (administrator) 2009-08-02 17:24 |
I'm playing with the latest trunk and not seeing any "errors" per se. In one of my installations, I'm looking at various tasks for lots of users without problems. That said, we have worked hard at cleaning up and making permissions much more secure. Previously, if permissions were undefined on something, dotProject would give you access to it. And that's assuming permissions were applied at all - there were many places where they were not. In web2project, we've made sure that permissions are applied *everywhere* in addition to not allowing access unless the ACL's specifically say so. |
|
egemme (reporter) 2009-08-13 05:37 |
Sorry for the delay I was in vacations out of town. I reworked my "project worker" role by adding "access" to "user table" and it worked. For a reason I can't remember, "access" to "user table" couldn't be securely given in dP without giving some extra unwanted permissions. At this time, you can close this issue. |
|
caseydk (administrator) 2009-08-13 06:47 |
Thanks for the update. Any chance you'd be willing to add the problem and the fix to our FAQ page here: http://wiki.web2project.net/index.php?title=Category:Frequently_Asked_Questions ? |
|
caseydk (administrator) 2009-09-09 22:41 |
Closed for release. |
| Notes |
| Issue History |
|||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2009-08-02 05:17 | egemme | New Issue | |
| 2009-08-02 17:24 | caseydk | Note Added: 0000375 | |
| 2009-08-02 17:24 | caseydk | Status | new => feedback |
| 2009-08-13 05:37 | egemme | Note Added: 0000383 | |
| 2009-08-13 06:47 | caseydk | Status | feedback => resolved |
| 2009-08-13 06:47 | caseydk | Resolution | open => fixed |
| 2009-08-13 06:47 | caseydk | Assigned To | => caseydk |
| 2009-08-13 06:47 | caseydk | Note Added: 0000385 | |
| 2009-09-09 22:41 | caseydk | Status | resolved => closed |
| 2009-09-09 22:41 | caseydk | Note Added: 0000452 | |
| 2009-09-09 22:41 | caseydk | Fixed in Version | => 1.1 |
| Issue History |