Defect #8626

Setting status via API fails silently

Added by Bevan Rudge over 6 years ago.

Status:NewStart date:2011-06-16
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:REST API
Target version:-
Resolution: Affected version:1.1.3

Description

When a user attempts to set the status_id of an issue, but does not have permission to do so, Redmine's API does not respond with an error. The status is not updated, yet the response still indicates success.

I tested this with Admin user on a fresh instance of Redmine, where Admin was not a member of the project.

#8625 is related.

Also available in: Atom PDF