Defect #28069

Queries 403 error if query author is not in the roles list

Added by Stephane Evr about 5 years ago. Updated 29 days ago.

Status:NewStart date:
Priority:NormalDue date:
Assignee:-% Done:


Target version:-
Resolution: Affected version:


How to reproduce (with vanilla redmine 3.4):

- Go to a project where you are a member with Role A
- create a query and save it. make it visible to Role B
- Save the query

- Error 403

In my opinion, a query should always be visible to its author, provided that he has sufficient rights to access the project.

How to fix it:

In the case above, a simple check on user == self.user should fix the problem


#1 Updated by Go MAEDA 29 days ago

  • Category set to Issues

Also available in: Atom PDF