View Issue Details

IDProjectCategoryView StatusLast Update
0008332mantisbtadministrationpublic2007-09-04 06:19
Reporterstappel Assigned To 
PrioritynormalSeveritymajorReproducibilityalways
Status newResolutionopen 
Product Version1.1.0a4 
Summary0008332: bug #00008324 manage_project_threshold problems
Description

I question the correctness on how bug 0008324 was solved. It creates some strange situations.

a) example when a user is created on global level: developer and i give him level: manager on a project. With fix 0008324, and $g_manage_user_threshold = MANAGER; in the config_inc.php file this user will not be able to be a user manager for the project. only if the user is set on global level manager will it work.

This can be fixed with replacing access_has_global_level() with access_has_project_level() in the patch from 0008324.

But then this also has to be done on all manageuser*.php pages like manage_user_page.php

b) (this might has to be created as a new bug report, you decide). If a user is a global manager level it can create new users with level administrator. This should probably not be possible as the user can elevate his own level by using this.

TagsNo tags attached.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2007-09-04 06:19 stappel New Issue