Defect #9308
closedSearch fails when a role haven't "view wiki" permission
0%
Description
I have configured a role that haven't the "view wiki" permission.
When a user that has this role (in all projects) search for some word, redmine fails with this message (bug-in-action.jpg)
If I grant the permission to the role, all works fine.
This is a major bug because normal user can think that the site don't work.
In the log file, I see that the query fails on where condition because "text" field is unknown.
ps: the behavior of redmine in this case is very strange: for example, if I search for mail I have an error, but if I search for mail. all works fine
Files
Updated by pasquale [:dedalus] about 13 years ago
pasquale [:dedalus] wrote:
In the log file, I see that the query fails on where condition because "text" field is unknown.
this is the log message:
Processing SearchController#index (for 85.33.108.241 at 2011-09-22 11:57:15) [GET] Parameters: {"action"=>"index", "q"=>"mail", "controller"=>"search"} ActiveRecord::StatementInvalid (Mysql::Error: Unknown column 'text' in 'where clause': SELECT * FROM `wiki_pages` WHERE ((1=0) AND (((LOWER(title) LIKE '%mail%') OR (LOWER(text) LIKE '%mail%')))) ORDER BY wiki_pages.created_on DESC LIMIT 11): app/controllers/search_controller.rb:77:in `index' app/controllers/search_controller.rb:76:in `each' app/controllers/search_controller.rb:76:in `index' config/initializers/mongrel_cluster_with_rails_211_fix.rb:62:in `dispatch_cgi'
Updated by Etienne Massip about 13 years ago
- Target version set to Candidate for next minor release
Definitely reproduced, big one, thanks.
Updated by Etienne Massip about 13 years ago
- Status changed from New to Resolved
- Target version changed from Candidate for next minor release to 1.2.2
- Resolution set to Fixed
Fixed with r7568.
Updated by Jean-Philippe Lang almost 13 years ago
- Status changed from Resolved to Closed