Defect #37499: Default query should not be applied if the query is not allowed to be set as the default - Redmine

Actions

Copy link

Defect #37499

closed

Default query should not be applied if the query is not allowed to be set as the default

Added by Go MAEDA 8 months ago. Updated 8 months ago.

Status:

Closed

Priority:

Normal

Assignee:

Go MAEDA

Category:

Issues

Target version:

5.0.3

Start date:

Due date:

% Done:

Estimated time:

Resolution:

Fixed

Affected version:

5.0.0

Description

There are conditions on the queries that can be set as the default query. For example, the query you want to set as the global default or project default must be a public query.

However, you can set a non-public query as the default query with the following steps.

1. Create a public issue query
2. Set the query as the project default
3. Change the visibility of the query from "to any users" to "to me only"
4. Login with another user and open the "Issues" tab of the project. The user will get an error "403 You are not authorized to access this page"

To avoid the error, Redmine should not try to apply the default query when a query that is not allowed to be set as the default is the current default query.

Files

fix-37499.patch (6.23 KB) fix-37499.patch

Mizuki ISHIKAWA, 2022-07-28 06:54

Related issues

Actions

Copy link

Updated by Go MAEDA 8 months ago

Description updated (diff)

Actions

Copy link

Updated by Mizuki ISHIKAWA 8 months ago

File fix-37499.patch fix-37499.patch added

Patch attached.
The default_project_query also has the same problem, so I have fixed it.

Actions

Copy link

Updated by Go MAEDA 8 months ago

Subject changed from Default query should be ignored if the query is not allowed to be set as the default to Default query should not be applied if the query is not allowed to be set as the default

Actions

Copy link