Defect #5070
open
Redmine.pm does not allow Administrators to access svn repositories
0%
Description
The following SQL code does not detect that a user is an Administrator and denies access:
my $query = "SELECT
hashed_password, auth_source_id, permissions
FROM members, projects, users, roles, member_roles
WHERE
projects.id=members.project_id
AND member_roles.member_id=members.id
AND users.id=members.user_id
AND roles.id=member_roles.role_id
AND users.status=1
AND login=?
AND identifier=? ";
Adding myself as a member of the project within redmine permitted access.
Note there is a related issue: #3712, where someone has uploaded an "improved version" of Redmine.pm, having significantly enhanced features. I will try this version next, to see if it allows Redmine administrators to have access to the Redmine-managed subversion repositories. Perhaps it would be worth accepting the improved version into the main distribution as an easy fix for this issue (if it works)?
Related issues
Updated by Bryce Nordgren about 14 years ago
The alternate version of Redmine.pm in #3712 does not allow admins to browse/commit to repositories. However, it still has some very nice features which would be good to have merged into the main release. ;)
Updated by Roman Savrulin about 14 years ago
I have the same issue, but even adding myself as a member of a project does not permit access
Updated by Toshi MARUYAMA about 13 years ago
- Category changed from SCM to SCM extra
Updated by