0004923: Updating bug not possible for certain roles - MantisBT

ID	Project	Category	View Status	Date Submitted	Last Update

0004923	mantisbt	bugtracker	public	2004-11-30 08:15	2004-12-11 03:02

Reporter	synlogic	Assigned To	thraxisp
Priority	normal	Severity	major	Reproducibility	always
Status	closed	Resolution	fixed
Product Version	0.19.1
Fixed in Version	0.19.2

Summary	0004923: Updating bug not possible for certain roles
Description	I've set the "$g_update_bug_threshold" to UPDATER. But still, users in the role UPDATER cannot edit the bug. They can access the "bug_update_page.php", but when trying to save, an access_denied occurs. For administrators & developers, it works fine. Could this be related to the "access_denied()"-check in "bug_update.php"? Or is there another configuration option which needs to be set for an updater to be able to edit bugs?
Tags	No tags attached.

thraxisp 2004-12-01 11:20 reporter ~0008477	This seems to be an oversight in access checks in bug_update.php.

thraxisp 2004-12-01 11:38 reporter ~0008478	This is specifically the case where $g_set_status_threshold is set higher than $g_update_bug_threshold. In this case, the user should be able to edit the text of the bug, but not change the status.