View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0015538 | mantisbt | bugtracker | public | 2013-02-24 16:56 | 2014-09-23 18:05 |
Reporter | viktor.minko | Assigned To | dregad | ||
Priority | high | Severity | crash | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 1.2.14 | ||||
Target Version | 1.2.15 | Fixed in Version | 1.2.15 | ||
Summary | 0015538: Issues list is not displayed when $g_limit_reporters is ON | ||||
Description | When setting $g_limit_reporters = ON, the list of issues in view_all_bug page is not displayed. The log contains next error: PHP Fatal error: Unsupported operand types in /mantis/core/access_api.php on line 425 | ||||
Steps To Reproduce |
| ||||
Additional Information | Error occurres in line: if ( $t_limit_reporters && !bug_is_user_reporter( $p_bug_id, $p_user_id ) && !access_has_project_level( $t_report_bug_threshold + 1, $t_project_id, $p_user_id ) ) { Suggested fix: if ( $t_limit_reporters && !bug_is_user_reporter( $p_bug_id, $p_user_id ) ) { | ||||
Tags | No tags attached. | ||||
viktor.minko, I was not able to reproduce your problem with a fresh install of the latest stable version of MantisBT (1.2.14 at the moment). Please provide detailed, step-by-step instructions to reproduce the issue. Additional information listed below may also be useful:
As I was not able to reproduce the issue I didn't have a deeper look, but this line of the suggested fix is wrong
$i is not set at this place |
|
I will collect necessary info tomorrow. Yes my suggested fix wasn't tested and created on the fly. The idea is that $t_report_bug_threshold can be an array value, but in the current code we have: $t_report_bug_threshold + 1 which is incorrect operation if $t_report_bug_threshold is array. |
|
Confirmed. You need to set your workflow so that report_bug_threshold is an array, e.g. array ( 0 => 25, 1 => 55, 2 => 70, 3 => 90 ), and have in the issue list at least one issue which is not reported by the current user. |
|
Fixed. Please apply the attached patch manually or download the next nightly build, test and reopen this issue if the problem persists or you notice a regression. |
|
Just noticed through testing that in case $g_limit_reporters = ON and current user = administrator, the code incorrectly denies access to issues. This was likely introduced by d42e80c0. Patch follows. |
|
Marking as 'acknowledged' not resolved/closed to track that change gets ported to master-2.0.x branch |
|
MantisBT: master-1.2.x b3276bbf 2013-02-25 12:01 Details Diff |
Fix crash when report_bug_threshold=array in access_has_bug_level When displaying a bug for which the user is not the reporter, $g_limit_reporters=ON and the workflow is set so report_bug_threshold is an array, MantisBT crashes with "PHP Fatal error: Unsupported operand types". This is due to use of '+ 1' to indicate that user should have the next higher access level to view the issue. We now use the same logic but within a foreach loop to check against each array element. Fixes 0015538 |
Affected Issues 0015538 |
|
mod - core/access_api.php | Diff File | ||
MantisBT: master 957b3c09 2013-02-25 12:01 Details Diff |
Fix crash when report_bug_threshold=array in access_has_bug_level When displaying a bug for which the user is not the reporter, $g_limit_reporters=ON and the workflow is set so report_bug_threshold is an array, MantisBT crashes with "PHP Fatal error: Unsupported operand types". This is due to use of '+ 1' to indicate that user should have the next higher access level to view the issue. We now use the same logic but within a foreach loop to check against each array element. Fixes 0015538 |
Affected Issues 0015538 |
|
mod - core/access_api.php | Diff File | ||
MantisBT: master-1.2.x d42e80c0 2013-02-26 11:11 Details Diff |
Optimize performance of access_has_bug_level() api function Through use of a static array to cache the reporter threshold when $g_limit_reporter = ON and more importantly reducing the total number of API calls, the performance of this function has been improved by 65% (stress tests executed over 2000 iterations, 0.34s vs 0.22s). Issue 0015538, follow up on b3276bbf50abdf53eaa9ef3b20ddb9461aaf1808 |
Affected Issues 0015538 |
|
mod - core/access_api.php | Diff File | ||
MantisBT: master 5e145289 2013-02-26 11:11 Details Diff |
Optimize performance of access_has_bug_level() api function Through use of a static array to cache the reporter threshold when $g_limit_reporter = ON and more importantly reducing the total number of API calls, the performance of this function has been improved by 65% (stress tests executed over 2000 iterations, 0.34s vs 0.22s). Issue 0015538, follow up on b3276bbf50abdf53eaa9ef3b20ddb9461aaf1808 |
Affected Issues 0015538 |
|
mod - core/access_api.php | Diff File | ||
MantisBT: master-1.2.x 9ec47a05 2013-02-27 05:46 Details Diff |
Fix invalid access denied error caused by access_has_bug_level() Commit d42e80c01277eec37c7436a23ec72073c9961c49 changed the code in access_has_bug_level() function, and introduced a bug as the final call to access_compare_level() inverted the 2 parameters which caused an incorrect return value to be returned in certain cases, incorrectly denying access to issues. Issue 0015538 |
Affected Issues 0015538 |
|
mod - core/access_api.php | Diff File | ||
MantisBT: master 8ff13c0d 2013-02-27 05:46 Details Diff |
Fix invalid access denied error caused by access_has_bug_level() Commit d42e80c01277eec37c7436a23ec72073c9961c49 changed the code in access_has_bug_level() function, and introduced a bug as the final call to access_compare_level() inverted the 2 parameters which caused an incorrect return value to be returned in certain cases, incorrectly denying access to issues. Issue 0015538 |
Affected Issues 0015538 |
|
mod - core/access_api.php | Diff File | ||
MantisBT: master f583a458 2013-02-27 05:46 Details Diff |
Fix invalid access denied error caused by access_has_bug_level() Commit d42e80c01277eec37c7436a23ec72073c9961c49 changed the code in access_has_bug_level() function, and introduced a bug in the call to access_compare_level() when access is limited to issue reporter (inverted parameters caused an incorrect access denied error). See also 9ec47a056156ac32e1f95cd0ec20d4db8bd54d3b. Issue 0015538 |
Affected Issues 0015538 |
|
mod - core/access_api.php | Diff File | ||
MantisBT: master-1.2.x df411e20 2013-02-27 05:46 Details Diff |
Fix invalid access denied error caused by access_has_bug_level() Commit d42e80c01277eec37c7436a23ec72073c9961c49 changed the code in access_has_bug_level() function, and introduced a bug in the call to access_compare_level() when access is limited to issue reporter (inverted parameters caused an incorrect access denied error). See also 9ec47a056156ac32e1f95cd0ec20d4db8bd54d3b. Issue 0015538 |
Affected Issues 0015538 |
|
mod - core/access_api.php | Diff File |