View Issue Details

IDProjectCategoryView StatusLast Update
0009728mantisbtadministrationpublic2009-01-15 11:26
Reportereiben Assigned Tojreese  
Status closedResolutionfixed 
PlatformPCOSLinuxOS Version1.2.0a2
Product Version1.2.0a2 
Fixed in Version1.2.0a3 
Summary0009728: Project-Manager cannot update Project-Categories

I just stumbled across this error: I have a project with a project-manager assigned. While this manager can add new categories alright, whenever he tries to update an existing category he gets an ACCESS_DENIED error.

I figured, that in the manage_proj_cat_edit_page.php the project_id field is missing, so the

access_ensure_project_level( config_get( 'manage_project_threshold' ), $f_project_id );

always tests for the permission on ALL_PROJECTS (because of

$f_project_id = gpc_get_int( 'project_id', ALL_PROJECTS );

However, by adding

<input type="hidden" name="project_id" value="<?php echo $f_project_id ?>" />

to the manage_proj_cat_edit_page.php the problem could be resolved :)

TagsNo tags attached.
Attached Files
cat_edit_page.patch (382 bytes)   
*** webroot/manage_proj_cat_edit_page.php.orig	Wed Oct 22 11:24:46 2008
--- webroot/manage_proj_cat_edit_page.php	Wed Oct 22 11:15:10 2008
*** 53,56 ****
--- 53,57 ----
  	<td class="form-title" colspan="2">
+ 		<input type="hidden" name="project_id" value="<?php echo $f_project_id ?>" />
  		<?php echo lang_get( 'edit_project_category_title' ) ?>
cat_edit_page.patch (382 bytes)   




2008-10-22 05:27

reporter   ~0019630

I attached a small patch for this bug :)



2008-10-22 08:42

reporter   ~0019633

Fixed in SVN trunk, r5709. Thanks for catching and reporting this.

Related Changesets

MantisBT: master 67313fa8

2008-10-22 08:41


Details Diff
Fix 0009728: Project ID was not passed when editing categories.

git-svn-id: <a class="text" href="/?p=mantisbt.git;a=object;h=f5dc347c">f5dc347c</a>-c33d-0410-90a0-b07cc1902cb9
Affected Issues
mod - manage_proj_cat_edit_page.php Diff File