View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0025709 | mantisbt | bugtracker | public | 2019-04-22 03:07 | 2019-04-22 03:07 |
Reporter | 123 | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | new | Resolution | open | ||
Summary | 0025709: Global and local user rights when creating new users. | ||||
Description | Reflecting on the refinement of the process of creating new users, I found a problem that also affects 0025682. I noticed that when adding the “Invite button” button to the top panel, the access_has_global_level (config_get ('manage_user_threshold')) function checks the user's global access level, but does not take into account the local access level to the project. Because of what non-logical system behavior may occur. Moreover, at the moment on the manage_user_edit_page.php page, in the manage_user_proj_add block, the list of unassigned projects is formed without taking into account user access (manage_user_threshold) to the project, although the binding process that is performed in manage_user_proj_add.php takes into account access rights to the project, which leads to the omission of this project without any indication of an error. What do you think about it? | ||||
Tags | No tags attached. | ||||