View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0009300 | mantisbt | security | public | 2008-06-25 08:19 | 2014-11-07 16:26 |
Reporter | polzin | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | always |
Status | new | Resolution | open | ||
Summary | 0009300: bugnote_set_view_state looks for "bugnote_update" instead of 'private_bugnote_threshold' and 'change_view_status_threshold' | ||||
Description | bugnote_set_view_state ensures for "bugnote_update", http://mantisbt.svn.sourceforge.net/viewvc/mantisbt/trunk/mantisbt/bugnote_set_view_state.php?revision=5366&view=markup#l_47 Suggestion:
This makes more sense in an environment, where some people may have the right to set bugnote to internal(for security reasons) but not to change others' bugnotes. | ||||
Tags | No tags attached. | ||||
The above suggestion has an obvious error: $f_bug_id is not defined in bugnote_set_view.php. It should read "$t_bug_id". |
|
Is the issue reported here the actual cause of the bug that is causing the whole issue not visible for reporters, if we mark just one of the notes as private? |
|
Indeed. And I see that's meanwhile fixed in rc2. Thanks. :) |
|