View Issue Details

IDProjectCategoryView StatusLast Update
0026988mantisbtpreferencespublic2020-05-29 18:08
Reportermaturbet Assigned To 
PrioritynormalSeveritymajorReproducibilityalways
Status confirmedResolutionopen 
PlatformVMOSdebianOS Version10.3
Product Version2.24.1 
Summary0026988: issue report TOO_MANY_REDIRECTS
Description

There is a redirection loop at "issue report" when the default project rights have been removed for a viewer user.

Steps To Reproduce
  1. Setup Mantis with just 3 private projects A, B and C
  2. Give "reporter" access on all 3 projects to a "viewer" user
  3. The user choose project B as default project in his preferences
  4. Remove access to the project B for the user
    4.1. User see "All Projects" as default project in his preferences
    4.2. Admin see B as default project in user preferences
  5. User click on "Report Issue"
    => redirection loop
Additional Information
  1. User return to the previous page
  2. In his preferences, user click "Update Prefs" without changing annything
  3. User click on "Report Issue"
    => All is OK
Tagspatch

Activities

maturbet

maturbet

2020-05-28 12:19

reporter   ~0064033

PR : https://github.com/mantisbt/mantisbt/pull/1677

dregad

dregad

2020-05-29 05:03

developer   ~0064039

I tried on my dev box, but I'm not able to reproduce the problem.

After revoking REPORTER rights on project B (step 3), in my case the user preferences still show it as the default project (i.e. not All Projects), I guess because the user still has viewer rights to project B.

Trying to report an issue at that point, displays the Choose Project page (login_select_proj_page.php), where the only select-able project is A (other available projects are listed but grayed out).

Maybe I'm missing something ?

maturbet

maturbet

2020-05-29 05:21

reporter   ~0064040

In our configuration, we have only private projects.
It seem to be OK with public ones.

dregad

dregad

2020-05-29 08:11

developer   ~0064042

OK, I didn't consider private projects. So I setup a fresh install with 2 private projects, but still can't reproduce...

4.1. User see "All Projects" as default project in his preferences

Here I see that the default project is A, even though in the DB it is indeed still stored as B.

  1. User click on "Report Issue"

No error, issue gets created in project A, as expected.

maturbet

maturbet

2020-05-29 08:25

reporter   ~0064043

Last edited: 2020-05-29 11:36

View 2 revisions

My bad ! I forget one (again) thing in the description.
Indeed, if there is only one project left, it becomes the default one and the bug doesn't happen.
Can you redo the test with a third project C ?

dregad

dregad

2020-05-29 18:08

developer   ~0064051

OK now I can reproduce - updated the issue's description

Issue History

Date Modified Username Field Change
2020-05-27 04:46 maturbet New Issue
2020-05-28 12:19 maturbet Note Added: 0064033
2020-05-29 05:03 dregad Assigned To => dregad
2020-05-29 05:03 dregad Status new => feedback
2020-05-29 05:03 dregad Note Added: 0064039
2020-05-29 05:03 dregad Tag Attached: patch
2020-05-29 05:04 dregad Assigned To dregad =>
2020-05-29 05:21 maturbet Note Added: 0064040
2020-05-29 05:21 maturbet Status feedback => new
2020-05-29 08:11 dregad Note Added: 0064042
2020-05-29 08:25 maturbet Note Added: 0064043
2020-05-29 11:36 maturbet Note Edited: 0064043 View Revisions
2020-05-29 18:08 dregad Status new => confirmed
2020-05-29 18:08 dregad Steps to Reproduce Updated View Revisions
2020-05-29 18:08 dregad Note Added: 0064051