View Issue Details

Related ChangesetsJump to NotesJump to History
This bug affects 1 person(s).
 254
IDProjectCategoryView StatusDate SubmittedLast Update
07241Bug reportsSecuritypublic2013-01-28 15:362013-01-30 15:17
Reporterhelper Assigned ToDenisChenu  
PriorityhighSeveritypartial_block 
Status closedResolutionfixed 
Fixed in Version2.00+ 
Summary07241: Administrator that has token Read/view can edit tokens.
Description

Administrator that has token Read/view ONLY can edit tokens.

Steps To Reproduce
  1. Select a survey as a superadmin
  2. Create a test user
  3. Navigate to "Survey properties" > "Survey permissions"
  4. Add the new test user to the survey and check the Read/view permission and save
  5. Logout and login as the test user
  6. Navigate to tokens
  7. Edit a token and save
TagsNo tags attached.
Bug heat254
Complete LimeSurvey version number (& build)130122
I will donate to the project if issue is resolvedNo
BrowserFF
Database type & versionmySQL and Microsoft SQLServer
Server OS (if known)Windows 7 and 2008r2
Webserver software & version (if known)Apache 2.4
PHP Version3.4

Users monitoring this issue

There are no users monitoring this issue.

Activities

DenisChenu

DenisChenu

2013-01-29 12:16

developer   ~23874

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=11521
c_schmitz

c_schmitz

2013-01-29 12:44

administrator   ~23878

New version 2.00+ Build 120129 released
DenisChenu

DenisChenu

2013-01-30 15:17

developer   ~23900

Fix committed to 2.1 branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=11536

Related Changesets

LimeSurvey: master 6be979de

2013-01-29 11:13:30

DenisChenu

Details Diff 		Fixed issue 07241: Administrator that has token Read/view can edit tokens.
Dev: review right for all access of token
Dev: review token bar
Dev: maybe give access for export/import only
Dev: create token table need surveysettings update or tokens create		 Affected Issues
07241
mod - application/controllers/admin/tokens.php Diff File
mod - application/core/Survey_Common_Action.php Diff File
mod - application/views/admin/token/tokenbar.php Diff File
mod - application/views/admin/token/tokenwarning.php Diff File

LimeSurvey: 2.1 0d9d79b6

2013-01-30 14:13:42

DenisChenu

Details Diff 		Fixed issue 07241: Administrator that has token Read/view can edit tokens.
Dev: review right for all access of token
Dev: review token bar with right
Dev: create token table need surveysettings update or tokens create		 Affected Issues
07241
mod - application/controllers/admin/tokens.php Diff File
mod - application/core/Survey_Common_Action.php Diff File
mod - application/views/admin/token/tokenbar.php Diff File
mod - application/views/admin/token/tokenwarning.php Diff File

Issue History

Date Modified Username Field Change
2013-01-28 15:36 helper New Issue
2013-01-29 08:09 DenisChenu Assigned To => DenisChenu
2013-01-29 08:09 DenisChenu Status new => assigned
2013-01-29 12:16 DenisChenu Changeset attached => LimeSurvey master 6be979de
2013-01-29 12:16 DenisChenu Note Added: 23874
2013-01-29 12:16 DenisChenu Resolution open => fixed
2013-01-29 12:16 DenisChenu Status assigned => resolved
2013-01-29 12:16 DenisChenu Fixed in Version => 2.00+
2013-01-29 12:44 c_schmitz Note Added: 23878
2013-01-29 12:44 c_schmitz Status resolved => closed
2013-01-30 15:17 DenisChenu Changeset attached => LimeSurvey 2.1 0d9d79b6
2013-01-30 15:17 DenisChenu Note Added: 23900