MantisBT: master 0f030fd7

Diff Back to Repository
Author Committer Branch Timestamp Parent
vboctor vboctor master 2014-11-01 22:36 master b5b08678
Affected Issues  0009885: Emails on relations is send to people who cannot see the related issue
Changeset

Relationship emails disclose related issue

This fix tackles the following scenarios:

  • Users no longer get notified about relationships that they don't have access to.
  • Users no longer see relationships listed in email notifications that they don't have access to.
  • Users no longer see history events associated with relationships they don't have access to.
  • Emails are constructed within the context of the target user not the logged in one.

Fixes 0009885
mod - core/email_api.php Diff File
mod - core/history_api.php Diff File