View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0022470||mantisbt||feature||public||2017-03-05 15:18||2018-03-02 17:40|
|Summary||0022470: Access Restriction to each custom action group option|
Custom action group can be added according to https://www.mantisbt.org/wiki/doku.php/mantisbt:issue:7900
These additional action group are available to any user that has rights to the project.
Some custom action group should be displayed only to users with a minimal access level. A new action group option 'threshold_min' could be used.
new custom action group declaration :
The new option 'threshold_min' is handled in core/bug_group_action_api.php, row 303
Existing custom action group are not impacted by the modification, because if 'threshold_min' is not defined, threshold_min equal to 0 and everybody can view the option in the list.
|Tags||No tags attached.|
Didn't have a deeper look, but doesn't this prevent just the display of the menu entry, so that you are still able to execute the custom functions using other ways?
BTW, the same applies to
Yes, you're right.
My problem is that the custom actions page api let the developper to define access rights in validate and process functions, but even if the user hasn't rights to use the custom function, this custom function is displayed in the group action option list in bug_view_page and the form in the custom action page is displayed too.
To avoid displaying actions that will be forbidden in validate or process functions, the
I didn't understand this note. Do you please confirm that
Do you want me to provide a PR for this feature ?
|2017-03-05 15:18||Mr.Bricodage||New Issue|
|2017-03-05 15:38||atrol||Note Added: 0055910|
|2017-03-05 15:39||atrol||Note Edited: 0055910||View Revisions|
|2017-03-05 15:39||atrol||Severity||minor => feature|
|2017-03-06 05:10||Mr.Bricodage||Note Added: 0055917|
|2017-03-06 05:37||atrol||Note Added: 0055918|
|2017-03-06 05:38||atrol||Note Edited: 0055918||View Revisions|
|2018-03-02 17:40||Mr.Bricodage||Note Added: 0059072|