View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0004899 | mantisbt | filters | public | 2004-11-23 08:58 | 2005-05-31 11:23 |
Reporter | PATL | Assigned To | thraxisp | ||
Priority | normal | Severity | major | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 0.19.1 | ||||
Fixed in Version | 1.0.0a3 | ||||
Summary | 0004899: <b>[ Custom Fields ]</b> Display in "all projects" | ||||
Description | All user can see the "custom fields" in "all projects" view. For exemple, the clients who have access to mantis can see all "Custom fields" | ||||
Additional Information | Can i desactivate "all projects" view only for any acces ? Thx | ||||
Tags | No tags attached. | ||||
Severity = major because clients can see all "custom fields" |
|
I don't understand what you mean. Users can only see projects that they have Can you explain a bit more about what you mean here? Paul |
|
Users can only see projects that they have access too << Right |
|
Any user can Show lot of informations about all projects. Its More Clear ? or i try again to Explain ? :) |
|
This is indeed a major problem for us. We used Mantis first only internally, but now we want to give our customers access to a few projects. However it is very confusing that in the 'All Projects' view they see al our custom fields, and also from projects they do not have access to. However they do not have access to issues which they are not supposed to, but they can see all values ( enumeration ) for all the custom fields in the system. Furthermore it is very confusing for them. We have over 50 custom fields in our system, but only a few for the 'customer projects'. |
|
I have the same Problem too. |
|
Here is my solution: (v1.0.0.a2) file: ./core/custom_field_api.php diff: 603c603,605
|
|
The query needs to be modified to handle public projects. |
|
Yes, and you need an exception for the administrators! (i noticed that the custom field management uses the same querry) |
|
Here ist the SQL that handles public projects: SELECT * Please do the rest by yourself, I have no experience in the Mantis "permission architecture". |
|
Fixed in CVS. core/custom_field_api.php -> 1.52 |
|