Defect #34284

In Role edit view the per tracker table only shows up when "View Issues" permission is selected

Added by Matthias Hörmann about 1 year ago. Updated 10 months ago.

Status:NewStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Issues permissions
Target version:-
Resolution: Affected version:4.1.1

Description

In the Role edit view there is a table with "All trackers" and the individual trackers for rows and "View Issue", "Add Issue", "Edit Issue",.. for columns.

This allows limiting of the respective actions to a specific tracker.

In our installation we use some roles that only have a few permissions to grant additional permissions to users who get most of their permissions via a more restrictive "main" role.

In this context I noticed today that the table mentioned above is only visible when "View Issues" is granted to a role even though the setting is still useful and in fact seems to be used when just "Add Issues" or "Edit Issues" are granted (users are suddenly able to create issues in all trackers even though our 'main' role limits this to the Inbox tracker).

In my opinion this table should be visible as soon as any permission is granted that can be further limited to a tracker using it, not just when "View Issues" is granted.


Related issues

Related to Redmine - Defect #34570: Misleading workflow/permission issue New
Follows Redmine - Defect #15988: Unexpected behaviour on issue fields for users that have ... Closed
Follows Redmine - Feature #285: Tracker role-based permissioning Closed

History

#1 Updated by Mischa The Evil 10 months ago

  • Related to Defect #34570: Misleading workflow/permission issue added

#2 Updated by Mischa The Evil 10 months ago

This is related to one part of the two-part issue that came to the surface in the discussion of #34570.

#3 Updated by Mischa The Evil 10 months ago

  • Follows Defect #15988: Unexpected behaviour on issue fields for users that have multiple roles added

#4 Updated by Mischa The Evil 10 months ago

  • Follows Feature #285: Tracker role-based permissioning added

Also available in: Atom PDF