View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0008324 | mantisbt | administration | public | 2007-08-29 23:06 | 2025-10-20 09:11 |
| Reporter | Jared_D | Assigned To | giallu | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Product Version | 1.1.0a4 | ||||
| Fixed in Version | 1.1.0rc1 | ||||
| Summary | 0008324: Rendering of "Manage Users" menu link ignores $g_manage_user_threshold | ||||
| Description | The print_menu and print_manage_menu functions in html_api.php are hardcoded to only let administrators see the "Manage Users" menu link regardless of $g_manage_user_threshold. e.g. If $g_manage_user_threshold is set to MANAGER in config_inc.php and you login as a manager: the "Manage Users" link in the menu is not rendered but you can access manage_user_page.php by typing it into the url bar of the browser. I've made/attached a patch that should fix html_api.php so that the menu link is rendered for users with appropriate permission. The limited tests I've done on the patched code have shown no problems. | ||||
| Tags | No tags attached. | ||||
| Attached Files | patch_html_api-manage_user_threshold.patch (1,344 bytes)
--- html_api.php 2007-08-30 11:53:47.000000000 +1000
+++ html_api.php 2007-08-30 12:29:17.000000000 +1000
@@ -546,10 +546,10 @@
}
# Manage Users (admins) or Manage Project (managers) or Manage Custom Fields
- $t_show_access = min( config_get( 'manage_project_threshold' ), config_get( 'manage_custom_fields_threshold' ), ADMINISTRATOR );
+ $t_show_access = min( config_get( 'manage_user_threshold' ), config_get( 'manage_project_threshold' ), config_get( 'manage_custom_fields_threshold' ) );
if ( access_has_global_level( $t_show_access) || access_has_any_project( $t_show_access ) ) {
$t_current_project = helper_get_current_project();
- if ( access_has_project_level( ADMINISTRATOR, $t_current_project ) ) {
+ if ( access_has_global_level( config_get( 'manage_user_threshold' ) ) ) {
$t_link = 'manage_user_page.php';
} else {
if ( access_has_project_level( config_get( 'manage_project_threshold' ), $t_current_project )
@@ -688,7 +688,7 @@
}
PRINT '<br /><div align="center">';
- if ( access_has_global_level( ADMINISTRATOR ) ) {
+ if ( access_has_global_level( config_get( 'manage_user_threshold' ) ) ) {
print_bracket_link( $t_manage_user_page, lang_get( 'manage_users_link' ) );
}
if ( access_has_project_level( config_get( 'manage_project_threshold' ) ) ) {
| ||||
|
MantisBT: master fc79ffde 2007-08-30 04:18 Details Diff |
Fix 8324: Rendering of "Manage Users" menu link ignores $g_manage_user_threshold git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@4564 <a class="text" href="/?p=mantisbt.git;a=object;h=f5dc347c">f5dc347c</a>-c33d-0410-90a0-b07cc1902cb9 |
Affected Issues 0008324 |
|
| mod - core/html_api.php | Diff File | ||
