"Add Issues" permission problem
I've created a role with "Add Issues" permission enabled for issues "reporter" users. However, when a user with this role create an issue, this following error message appears:
"403 - You are not authorized to access this page".
Despite this error message, the issue is successfully created. The error message is not shown if I enable also the "View Issues" permission. This solution doesn't work for us because theses users must have just the ability to add new issues without access to the issues added by others.
Moreover, we expect the "reporter" users have the possibility to update their own created issues. So, a "edit my own issues" permissions is very welcome.
#4 Updated by Erica Gallindo almost 10 years ago
Jean-Philippe Lang wrote:
but the first part is a bug report
The user is not authorized to view issues, so what do you expect?
I'm expecting a better message on the screen. The "not allowed to view" (or something like this) message doesn't help the user to know if that issue has been successfully added.
#6 Updated by Felix Schäfer over 9 years ago
- Status changed from New to Closed
- Resolution set to Duplicate
Erica Gallindo wrote:
Yes, the second part is exactly the same feature request as in #2653, but the first part is a bug report. It was a mistake to mixed them in the same issue. Sorry :(
The "error" page is expected behavior and merely says that the user doesn't have the permission to do a certain action. I you feel issue creation by a user not permitted to view issues should still yield a success message, please open a new issue.