View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0010626 | mantisbt | documentation | public | 2009-06-25 14:37 | 2009-10-07 14:19 |
Reporter | dhx | Assigned To | dhx | ||
Priority | normal | Severity | text | Reproducibility | N/A |
Status | closed | Resolution | fixed | ||
Product Version | 1.2.0rc1 | ||||
Target Version | 1.2.0rc2 | Fixed in Version | 1.2.0rc2 | ||
Summary | 0010626: Improve documentation relating to anonymous user accounts | ||||
Description | There currently doesn't exist any worthwhile documentation on how to setup anonymous access to Mantis. The configuration options in particular need documenting so administrators understand what the settings do, and what gotchas exist. | ||||
Tags | No tags attached. | ||||
Anyway, how to setup an anonymous account was documented in the wiki. http://www.mantisbt.org/wiki/doku.php/mantisbt:enabling_anonymous_access we may want to remove that page and/or redirect readers to the updated manual page. |
|
MantisBT: master 3803c90c 2009-06-25 14:19 Details Diff |
Anonymous accounts: fixes and doc updates Updated documentation of configuration options relating to anonymous access to Mantis. Fixes 0010626. Added new user_is_anonymous function to the user API. The purpose of this function is to check if the current user is the anonymous user account. Changes user_is_protected function in the user API to always return true when the user is the anonymous user account. The anonymous user should never be allowed to update the preferences and settings on the anonymous account! Fixes 0010265. Fixed a major security bug in account_prefs_reset.php that allowed anyone to reset the account preferences of another person. Fixes 0010264. |
Affected Issues 0010264, 0010265, 0010626 |
|
mod - core/user_api.php | Diff File | ||
mod - core/authentication_api.php | Diff File | ||
mod - account_manage_columns_page.php | Diff File | ||
mod - core/access_api.php | Diff File | ||
mod - docbook/adminguide/en/configuration.sgml | Diff File | ||
mod - docbook/adminguide/en/user_management.sgml | Diff File | ||
mod - account_prefs_reset.php | Diff File | ||
mod - config_defaults_inc.php | Diff File | ||
mod - core/current_user_api.php | Diff File | ||
mod - account_prefs_update.php | Diff File | ||
mod - core/rss_api.php | Diff File | ||
MantisBT: master-1.2.x f0049266 2009-06-25 14:19 Details Diff |
Anonymous accounts: fixes and doc updates Updated documentation of configuration options relating to anonymous access to Mantis. Fixes 0010626. Added new user_is_anonymous function to the user API. The purpose of this function is to check if the current user is the anonymous user account. Changes user_is_protected function in the user API to always return true when the user is the anonymous user account. The anonymous user should never be allowed to update the preferences and settings on the anonymous account! Fixes 0010265. Fixed a major security bug in account_prefs_reset.php that allowed anyone to reset the account preferences of another person. Fixes 0010264. |
Affected Issues 0010264, 0010265, 0010626 |
|
mod - core/user_api.php | Diff File | ||
mod - core/authentication_api.php | Diff File | ||
mod - account_manage_columns_page.php | Diff File | ||
mod - core/access_api.php | Diff File | ||
mod - docbook/adminguide/en/configuration.sgml | Diff File | ||
mod - docbook/adminguide/en/user_management.sgml | Diff File | ||
mod - account_prefs_reset.php | Diff File | ||
mod - config_defaults_inc.php | Diff File | ||
mod - core/current_user_api.php | Diff File | ||
mod - account_prefs_update.php | Diff File | ||
mod - core/rss_api.php | Diff File |