You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@continuum.apache.org by "Wendy Smoak (JIRA)" <ji...@codehaus.org> on 2008/09/02 00:35:48 UTC
[jira] Created: (CONTINUUM-1867) Project group admin should not be
able to grant system-wide roles to himself
Project group admin should not be able to grant system-wide roles to himself
----------------------------------------------------------------------------
Key: CONTINUUM-1867
URL: http://jira.codehaus.org/browse/CONTINUUM-1867
Project: Continuum
Issue Type: Bug
Components: Web - Security
Affects Versions: 1.2.0
Reporter: Wendy Smoak
As a project group admin for a single group, I am able to edit my user account and grant any role up to and including system administrator.
A project group admin should be able to grant the roles for his own project group to other users. He should not be able to elevate his own permissions.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (CONTINUUM-1867) Project group admin should not be
able to grant system-wide roles to himself
Posted by "Wendy Smoak (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/CONTINUUM-1867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Wendy Smoak updated CONTINUUM-1867:
-----------------------------------
Fix Version/s: 1.2.1
> Project group admin should not be able to grant system-wide roles to himself
> ----------------------------------------------------------------------------
>
> Key: CONTINUUM-1867
> URL: http://jira.codehaus.org/browse/CONTINUUM-1867
> Project: Continuum
> Issue Type: Bug
> Components: Web - Security
> Affects Versions: 1.2.0
> Reporter: Wendy Smoak
> Fix For: 1.2.1
>
> Attachments: continuum-user-edit.pdf
>
>
> As a project group admin for a single group, I am able to edit my user account and grant any role up to and including system administrator.
> A project group admin should be able to grant the roles for his own project group to other users. He should not be able to elevate his own permissions.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (CONTINUUM-1867) Project group admin should not be
able to grant system-wide roles to himself
Posted by "Olivier Lamy (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/CONTINUUM-1867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Olivier Lamy updated CONTINUUM-1867:
------------------------------------
Fix Version/s: (was: 1.2.1)
1.2
> Project group admin should not be able to grant system-wide roles to himself
> ----------------------------------------------------------------------------
>
> Key: CONTINUUM-1867
> URL: http://jira.codehaus.org/browse/CONTINUUM-1867
> Project: Continuum
> Issue Type: Bug
> Components: Web - Security
> Affects Versions: 1.2
> Reporter: Wendy Smoak
> Fix For: 1.2
>
> Attachments: continuum-user-edit.pdf
>
>
> As a project group admin for a single group, I am able to edit my user account and grant any role up to and including system administrator.
> A project group admin should be able to grant the roles for his own project group to other users. He should not be able to elevate his own permissions.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Closed: (CONTINUUM-1867) Project group admin should not be
able to grant system-wide roles to himself
Posted by "Olivier Lamy (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/CONTINUUM-1867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Olivier Lamy closed CONTINUUM-1867.
-----------------------------------
Assignee: Olivier Lamy
Resolution: Fixed
upgrade to redback 1.1.1 done in rev 696596
Thanks for the fast release :-)
> Project group admin should not be able to grant system-wide roles to himself
> ----------------------------------------------------------------------------
>
> Key: CONTINUUM-1867
> URL: http://jira.codehaus.org/browse/CONTINUUM-1867
> Project: Continuum
> Issue Type: Bug
> Components: Web - Security
> Affects Versions: 1.2
> Reporter: Wendy Smoak
> Assignee: Olivier Lamy
> Fix For: 1.2
>
> Attachments: continuum-user-edit.pdf
>
>
> As a project group admin for a single group, I am able to edit my user account and grant any role up to and including system administrator.
> A project group admin should be able to grant the roles for his own project group to other users. He should not be able to elevate his own permissions.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (CONTINUUM-1867) Project group admin should not be
able to grant system-wide roles to himself
Posted by "Wendy Smoak (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/CONTINUUM-1867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Wendy Smoak updated CONTINUUM-1867:
-----------------------------------
Attachment: continuum-user-edit.pdf
Attaching continuum-user-edit.pdf showing all the options available to a user who currently only has a single project group admin role.
The first page of the user edit form showing the effective roles can be seen attached to CONTINUUM-1865.
> Project group admin should not be able to grant system-wide roles to himself
> ----------------------------------------------------------------------------
>
> Key: CONTINUUM-1867
> URL: http://jira.codehaus.org/browse/CONTINUUM-1867
> Project: Continuum
> Issue Type: Bug
> Components: Web - Security
> Affects Versions: 1.2.0
> Reporter: Wendy Smoak
> Attachments: continuum-user-edit.pdf
>
>
> As a project group admin for a single group, I am able to edit my user account and grant any role up to and including system administrator.
> A project group admin should be able to grant the roles for his own project group to other users. He should not be able to elevate his own permissions.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (CONTINUUM-1867) Project group admin should not
be able to grant system-wide roles to himself
Posted by "Jevica Arianne B. Zurbano (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/CONTINUUM-1867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=147745#action_147745 ]
Jevica Arianne B. Zurbano commented on CONTINUUM-1867:
------------------------------------------------------
Fix in http://jira.codehaus.org/browse/REDBACK-160 will also fix this.
> Project group admin should not be able to grant system-wide roles to himself
> ----------------------------------------------------------------------------
>
> Key: CONTINUUM-1867
> URL: http://jira.codehaus.org/browse/CONTINUUM-1867
> Project: Continuum
> Issue Type: Bug
> Components: Web - Security
> Affects Versions: 1.2
> Reporter: Wendy Smoak
> Fix For: 1.2.1
>
> Attachments: continuum-user-edit.pdf
>
>
> As a project group admin for a single group, I am able to edit my user account and grant any role up to and including system administrator.
> A project group admin should be able to grant the roles for his own project group to other users. He should not be able to elevate his own permissions.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira