Project

General

Profile

Actions

bug #9051

open

Role Project manager should not have right to edit users and creating a new user with missing rights results in two message-boxes

Added by Katja Luther about 4 years ago. Updated about 3 years ago.

Status:
New
Priority:
New
Assignee:
Category:
taxeditor
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Severity:
normal
Found in Version:
Tags:

Description

mail AM:

Außerdem kommt nach dem Versuch einen User anzulegen, ohne dass man die Rechte dazu hat, erst ein normaler Hinweisdialog, dass „Access denied“ und dann kommt noch der „Unexpected error“ Dialog mit stacktrace unten. Letzteres sollte eigentlich nicht passieren.


Related issues

Related to EDIT - bug #9612: ROLE_USER_MANAGER is missing as a group in FirstDataImporterClosedAndreas Müller

Actions
Related to EDIT - bug #6106: [Discuss] Handle rights and roles for CdmPreferencesClosedAndreas Müller

Actions
Related to EDIT - task #8602: Discuss: Local Preferences & Server-sided Preferences in same menu?NewKatja Luther

Actions
Actions #1

Updated by Andreas Müller about 4 years ago

  • Target version changed from Release 5.15 to Release 5.18
Actions #2

Updated by Katja Luther over 3 years ago

  • Target version changed from Release 5.18 to Release 5.19
Actions #3

Updated by Andreas Müller over 3 years ago

  • Target version changed from Release 5.19 to Release 5.21
Actions #4

Updated by Andreas Müller over 3 years ago

  • Target version changed from Release 5.21 to Release 5.22
Actions #5

Updated by Andreas Müller over 3 years ago

  • Tags set to fast
Actions #6

Updated by Katja Luther about 3 years ago

  • Target version changed from Release 5.22 to Release 5.25
Actions #7

Updated by Katja Luther about 3 years ago

  • Status changed from New to Feedback
  • Assignee changed from Katja Luther to Andreas Müller

How are you able to create a user without permission, the admin menu is available only if you are admin or project manager and having these roles also allows you to create new users?

Actions #8

Updated by Andreas Müller about 3 years ago

  • Status changed from Feedback to New
  • Assignee changed from Andreas Müller to Katja Luther

Katja Luther wrote:

How are you able to create a user without permission, the admin menu is available only if you are admin or project manager and having these roles also allows you to create new users?

No this is not true and was obvious in the original mail (2020-06-02): "Hmm, stimmt, ProjectManager scheint dieses Recht nicht zu haben, zumindest bekomme ich auch eine „Access denied“ Fehlermeldung." (a reason why I think that it is always good to cite mail threads more or less in full in tickets)

Außerdem in der Mail:

Das ist wohl auch so gewollt. Du bräuchtest laut https://dev.e-taxonomy.eu/redmine/projects/edit/wiki/CdmAuthorisationAndAccessControl
noch ROLE_USER_MANAGER, dafür gibt es aber noch keine automatisch angelegte Gruppe.
Andreas K., ist das so gewollt oder fehlt diese noch beim FirstDataImporter?

So the error can be reproduced by a project manager without ROLE_USER_MANAGER (I tested on casearia).

I also created a new ticket for the above issue with FirstDataImporter: #9612

Actions #9

Updated by Andreas Müller about 3 years ago

  • Related to bug #9612: ROLE_USER_MANAGER is missing as a group in FirstDataImporter added
Actions #10

Updated by Andreas Müller about 3 years ago

  • Subject changed from Creating a new user with missing rights results in two message-boxes to Role Project manager should not have right to edit users and creating a new user with missing rights results in two message-boxes
Actions #11

Updated by Andreas Müller about 3 years ago

I changed the title of the ticket as the incorrect evaluation of the rights for role_project_manager is the more critical issue here (if this is fixed the other issue is not really relevant anymore)

Actions #12

Updated by Andreas Müller about 3 years ago

  • Target version changed from Release 5.25 to Release 5.51
Actions #13

Updated by Andreas Müller over 2 years ago

  • Related to bug #6106: [Discuss] Handle rights and roles for CdmPreferences added
Actions #14

Updated by Andreas Müller over 2 years ago

  • Related to task #8602: Discuss: Local Preferences & Server-sided Preferences in same menu? added
Actions

Also available in: Atom PDF