Continuum / CONTINUUM-1919

'Project Developer' role has rights to delete project group to which he is assigned.

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.2
    • Fix Version/s: 1.2.1
    • Component/s: Security
    • Labels:
      None
    • Complexity:
      Intermediate
    • Number of attachments:
      2

      Description

      Developer should be able to delete projects from the group, but not the group itself.

      1. continuum-1919-continuum-security.patch
        1 kB
        Jevica Arianne B. Zurbano
      2. continuum-1919-security.patch
        1 kB
        Jevica Arianne B. Zurbano

          Activity

          Jevica Arianne B. Zurbano added a comment -

          Attached patch.

          • removed the delete project group right of a Project Developer
          Maria Catherine Tan added a comment -

          There's a bug with this patch.

          As a project group administrator:
          I can still delete all project groups. (Ok)

          As a project group developer:
          I can no longer delete a project group. (OK)

          As a project administrator of a certain resource:
          I can no longer delete the project group even if I have a project admin role for that group. (BUG)

          As a project developer of a certain resource:
          I can no longer delete that group. (OK)

          Maria Catherine Tan added a comment -

          Maybe you could move the "continuum-remove-group" permission under the project-administrator template instead

          Jevica Arianne B. Zurbano added a comment -

          continuum-1919-security.patch: "continuum-remove-group" permission moved to Project Administrator template.

          Thanks!

          Maria Catherine Tan added a comment -

          Fixed in revision 703287. Thanks!

          Maria Catherine Tan added a comment -

          The fix only affects new db.

          For existing db, we need a way to edit permissions attached to a role.
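
The permission matrix tested in the comments above, as an added example that is not part of the original issue and not Continuum's own code: a simplified Python model of role templates. It assumes that the Project Administrator template includes the Project Developer template and that a role's permissions are copied when the role is created; only "continuum-remove-group" and the "project-administrator" template name come from the thread, every other name is hypothetical.

```python
# Added illustration: a simplified model, not Continuum's own code.
REMOVE_GROUP = "continuum-remove-group"  # permission named in the thread
REMOVE_PROJECT = "remove-project"        # hypothetical permission name
DEV, ADMIN = "project-developer", "project-administrator"

def make_templates(developer_own, admin_own):
    return {
        DEV: {"own": set(developer_own), "includes": []},
        # Assumption: the administrator template includes the developer one.
        ADMIN: {"own": set(admin_own), "includes": [DEV]},
    }

ORIGINAL = make_templates({REMOVE_PROJECT, REMOVE_GROUP}, set())  # reported state
FIRST_PATCH = make_templates({REMOVE_PROJECT}, set())             # right removed
SECOND_PATCH = make_templates({REMOVE_PROJECT}, {REMOVE_GROUP})   # right moved

def template_permissions(templates, name):
    """Permissions a template grants, including those of included templates."""
    perms = set(templates[name]["own"])
    for child in templates[name]["includes"]:
        perms |= template_permissions(templates, child)
    return perms

def create_role(templates, template, group):
    """Materialise a role for one project group; permissions are copied now."""
    perms = {(p, group) for p in template_permissions(templates, template)}
    return {"template": template, "group": group, "permissions": perms}

def can_delete_group(role, group):
    """Resource-scoped check: the right must be held for this very group."""
    return (REMOVE_GROUP, group) in role["permissions"]

def matrix(templates, group="group-a"):
    """Delete-group decision per template, for the role's own group."""
    return {t: can_delete_group(create_role(templates, t, group), group)
            for t in templates}

def audit_stored_roles(roles):
    """Developer roles that still carry the group-delete right."""
    return [r for r in roles if r["template"] == DEV
            and any(p == REMOVE_GROUP for p, _ in r["permissions"])]

if __name__ == "__main__":
    for label, tpl in [("original", ORIGINAL), ("first patch", FIRST_PATCH),
                       ("second patch", SECOND_PATCH)]:
        print(label, matrix(tpl))
    stored = [create_role(ORIGINAL, DEV, "old-group"),
              create_role(SECOND_PATCH, DEV, "new-group")]
    print("roles to review:", [r["group"] for r in audit_stored_roles(stored)])
```

Because roles in this model keep the permissions copied at creation, `audit_stored_roles` is the kind of check to run against an existing database, where changing the template alone leaves previously created developer roles untouched.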


            People

            • Assignee:
              Maria Catherine Tan
              Reporter:
              Piotr Krzysztoporski
            • Votes:
              8
              Watchers:
              3