Project

General

Profile

Actions
Copy link

Defect #14219

closed

Escalating privileges

Added by Tor Holden over 12 years ago. Updated over 12 years ago.

Status:
Closed
Priority:
High
Assignee:
-
Category:
Permissions and roles
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Invalid
Affected version:
2.3.1

Description

Scenario 1:

Say I have 2 roles:

- Supervisor, with create project and create subprojects privileges
- Manager, with create subprojects privilege

They are listed IN THAT ORDER in Roles section.

Manager cannot at this point create anything but subprojects

Now, a Supervisor creates a project, and appoints some user with Manager role.

This user creates a subproject. He is somehow by default given Supervisor role for that project. He now has supervisor privileges and can create main projects.

This does not occur if Manager comes first in Roles list. Then by default, the Manager role is assigned to the user in subproject.

Scenario 2:

- Supervisor, with create project, Manage members and create subprojects privileges
- Manager, with Manage members privilege

Manager can simply go to "Setting > Members" of that project, edit his membership and assigns himself Supervisor role. Now he can create new projects, etc.

Is this normal behaviour?

Actions
Copy link

Also available in: Atom PDF