View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0022093 | mantisbt | administration | public | 2016-12-30 01:52 | 2020-12-30 05:33 |
Reporter | Zazzarim | Assigned To | vboctor | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 1.3.4 | ||||
Target Version | 2.9.1 | Fixed in Version | 2.9.1 | ||
Summary | 0022093: Reporter can´t change status of a bug | ||||
Description | Reporters are not allowed to change the head of a bug note after submitting it. | ||||
Tags | No tags attached. | ||||
Attached Files | |||||
related to | 0016376 | closed | dregad | Not able to change status without having update issue rights |
related to | 0023719 | closed | vboctor | The reporter can not solve or close the issue |
related to | 0021393 | closed | vboctor | When disable "Update an issue", then "Assign to" become access denied |
related to | 0024512 | closed | atrol | Can't reopen resolved bug from another reporter |
related to | 0027806 | closed | dregad | Impossible to edit issues with PHP8 |
I am also having this issue with version 2.1.0 I would like to allow various roles to work within the workflow (assigning, changing status, etc.) but I do not want users below manager to be able to update an issue. |
|
NOTE: The fix in the description worked for me too. |
|
MantisBT: master-2.9 bf1f02f7 2017-12-12 18:24 Details Diff |
Fix access checks for assign and change status - Users should be able to assign issues even if they can’t update issues. - Users should be able to change status even if they can’t update issues. Fixes 0021393, 0022093 |
Affected Issues 0021393, 0022093, 0027806 |
|
mod - bug_update.php | Diff File | ||
MantisBT: master-2.24 65567e0d 2020-12-28 13:41 Details Diff |
Properly check access level when updating issues Commit bf1f02f71a85bd4e05cd2a627b3c25e79f96d5a0 (issues 0021393, 0022093) introduced a bug in the access level check, as it passed the threshold as a string to access_ensure_bug_level() instead of its actual value. This seemed to work in PHP < 8.0, because string comparisons behaved differently [[1]], but in reality there was no actual access check, as the strings were evaluated to 0 (ANYBODY). Adding the missing config_get() call to fix the access level check. Fixes 0027806 [1]: https://www.php.net/releases/8.0/en.php#consistent-type-errors-for-internal-functions |
Affected Issues 0021393, 0022093, 0027806 |
|
mod - bug_update.php | Diff File |