View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0027144||mantisbt||code cleanup||public||2020-08-09 11:21||2021-03-25 21:09|
|Priority||normal||Severity||minor||Reproducibility||have not tried|
|Target Version||2.25.0||Fixed in Version||2.25.0|
|Summary||0027144: Data integrity: ensure users' default_project preference is a valid project|
Currently, it is possible for a user's default project setting (user_pref_table.default_project) to contain an invalid project id.
This can happen when the user is removed from the list of allowed users on a private project, or when a project becomes private or is deleted.
While this does not have direct consequences in the MantisBT UI because it transparently copes with it, in terms of data integrity this should not happen.
The issue was identified while reviewing the patch for 0026988 - see https://github.com/mantisbt/mantisbt/pull/1677#issuecomment-637686480
|Tags||No tags attached.|
MantisBT: master 5acff67b
2020-08-07 19:26:53Details Diff
|New User Pref API functions to clear project_default
|mod - core/user_pref_api.php||Diff File|
MantisBT: master 6023c6bc
2020-08-07 19:49:54Details Diff
|Ensure default_project pref is a valid project
It was possible for a user's default project setting to contain an
invalid project id (user_pref_table.default_project). This can happen
when the user is removed from the list of allowed users on a private
project, or when a project becomes private or is deleted. While this
does not impact the MantisBT UI which transparently copes with it, in
terms of data integrity this should not happen.
We now set default_project to ALL_PROJECTS (0) when users no longer have
access to their default project.
|mod - core/project_api.php||Diff File|