You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@continuum.apache.org by "Jevica Arianne B. Zurbano (JIRA)" <ji...@codehaus.org> on 2008/09/12 05:12:48 UTC
[jira] Commented: (CONTINUUM-1867) Project group admin should not
be able to grant system-wide roles to himself
[ http://jira.codehaus.org/browse/CONTINUUM-1867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=147745#action_147745 ]
Jevica Arianne B. Zurbano commented on CONTINUUM-1867:
------------------------------------------------------
Fix in http://jira.codehaus.org/browse/REDBACK-160 will also fix this.
> Project group admin should not be able to grant system-wide roles to himself
> ----------------------------------------------------------------------------
>
> Key: CONTINUUM-1867
> URL: http://jira.codehaus.org/browse/CONTINUUM-1867
> Project: Continuum
> Issue Type: Bug
> Components: Web - Security
> Affects Versions: 1.2
> Reporter: Wendy Smoak
> Fix For: 1.2.1
>
> Attachments: continuum-user-edit.pdf
>
>
> As a project group admin for a single group, I am able to edit my user account and grant any role up to and including system administrator.
> A project group admin should be able to grant the roles for his own project group to other users. He should not be able to elevate his own permissions.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira