Relationship Graph

View IssueDependency GraphShow Summary
Relationship Graph
related to related to child of child of duplicate of duplicate of

View Issue Details

Related ChangesetsJump to NotesJump to History
This bug affects 1 person(s).
 8
IDProjectCategoryView StatusDate SubmittedLast Update
10829Bug reportsOtherpublic2016-03-24 14:072016-04-18 22:48
Reportertpartner Assigned Toollehar  
PriorityurgentSeveritypartial_block 
Status closedResolutionfixed 
Product Version2.50.x 
Target Version2.50.xFixed in Version2.50.x 
Summary10829: Survey admins presented with inappropriate control buttons
Description

If a survey admin has only permissions to Veiw/read a survey and View/read the survey responses, they are presented with inappropriate buttons to edit the survey and elements.

Steps To Reproduce

1) Create new user

2) Global permissions:

  • only "Use internal database authentication"
    (screenshot capture3.png)

3) Survey permissions:

  • "Survey content" = "View/read"
  • "Responses" = "View/read", "Export"
  • "Statistics" = "View/read"
    (screenshot capture4.png)
Additional Information

1) In the survey list (screenshot capture5.png), the user can see edit and trash buttons that result in errors.
These buttons should not be available.

2) In the List groups and List questions views (screenshot capture6.png), the user can see an edit button that results in an editor opening. Using the editor and saving results in being bounced to the admin landing screen.
These buttons should not be available.

3) In Group summary view (screenshot capture7.png), the user can see an "Add new question to group" button that results in an editor opening. Using the editor and saving results in being bounced to the admin landing screen.
This button should not be available.

4) In Question summary view (screenshot capture8.png), the user can see an several buttons that either don't work at all or result in errors.
These buttons/controls should not be available.

TagsNo tags attached.
Attached Files
capture3.png (56,706 bytes)   
capture3.png (56,706 bytes)   
capture4.png (61,332 bytes)   
capture4.png (61,332 bytes)   
capture5.png (21,014 bytes)   
capture5.png (21,014 bytes)   
capture6.png (23,675 bytes)   
capture6.png (23,675 bytes)   
capture7.png (21,061 bytes)   
capture7.png (21,061 bytes)   
capture8.png (60,641 bytes)   
capture8.png (60,641 bytes)   
Bug heat8
Complete LimeSurvey version number (& build) c55c3d0
I will donate to the project if issue is resolvedNo
BrowserN/A
Database type & versionN/A
Server OS (if known)N/A
Webserver software & version (if known)N/A
PHP VersionN/A

Relationships

Relationship GraphDependency Graph
related to 10822 closedLouisGac Groups Edit-Form while no Rights to edit? 

Activities

tpartner

tpartner

2016-03-24 14:09

partner   ~36784

...there may be more of these in different views but I have not explored.
DenisChenu

DenisChenu

2016-03-24 16:04

developer   ~36793

Edit question : we have it in 2.06 : but without the submit button. More easy to copy/paste code.
ollehar

ollehar

2016-04-15 11:27

administrator   ~37436

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18573
ollehar

ollehar

2016-04-15 11:49

administrator   ~37439

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18575
ollehar

ollehar

2016-04-15 11:57

administrator   ~37441

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18576
ollehar

ollehar

2016-04-15 12:07

administrator   ~37442

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18578
ollehar

ollehar

2016-04-15 12:24

administrator   ~37445

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18579
ollehar

ollehar

2016-04-15 12:44

administrator   ~37446

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18580
ollehar

ollehar

2016-04-15 13:00

administrator   ~37450

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18581
ollehar

ollehar

2016-04-15 13:04

administrator   ~37451

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18582
ollehar

ollehar

2016-04-15 13:09

administrator   ~37452

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18583
ollehar

ollehar

2016-04-15 13:28

administrator   ~37453

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18584
ollehar

ollehar

2016-04-15 14:12

administrator   ~37458

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18586
ollehar

ollehar

2016-04-15 14:20

administrator   ~37460

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18587
ollehar

ollehar

2016-04-15 14:22

administrator   ~37461

Fixed. Please check and confirm at next release.
c_schmitz

c_schmitz

2016-04-18 22:48

administrator   ~37524

Version 2.06LTS Build 160417 released
Version 2.50+ Build 160418 released

Related Changesets

LimeSurvey: master 5d07be39

2016-04-15 09:26:34

ollehar

Details Diff 		Fixed issue 10829: Survey admins presented with inappropriate control
buttons

Dev: Style error message at "Access denied".		 Affected Issues
10829
mod - application/controllers/admin/surveyadmin.php Diff File

LimeSurvey: master 88f3073b

2016-04-15 09:38:41

ollehar

Details Diff 		Fixed issue 10829: Survey admins presented with inappropriate control
buttons

Dev: Add redirect after denied access.		 Affected Issues
10829
mod - application/controllers/admin/questiongroups.php Diff File

LimeSurvey: master ec54b9f3

2016-04-15 09:48:47

ollehar

Details Diff 		Fixed issue 10829: Survey admins presented with inappropriate control
buttons

Dev: Add permission check for edit question.		 Affected Issues
10829
mod - application/controllers/admin/questiongroups.php Diff File
mod - application/controllers/admin/questions.php Diff File

LimeSurvey: master 956cb4e4

2016-04-15 09:55:38

ollehar

Details Diff 		Fixed issue 10829: Survey admins presented with inappropriate control
buttons

Dev: Hide non-permitted buttons from survey list.		 Affected Issues
10829
mod - application/controllers/admin/surveyadmin.php Diff File
mod - application/models/Survey.php Diff File

LimeSurvey: master 6abfae5a

2016-04-15 10:06:45

ollehar

Details Diff 		Fixed issue 10829: Survey admins presented with inappropriate control
buttons

Dev: Fix permissions for question explorer add-buttons.		 Affected Issues
10829
mod - application/views/admin/super/_question_explorer.php Diff File

LimeSurvey: master f9cefc75

2016-04-15 10:23:32

ollehar

Details Diff 		Fixed issue 10829: Survey admins presented with inappropriate control
buttons

Dev: Only show survey properties menu if at least one item is permitted.		 Affected Issues
10829
mod - application/core/Survey_Common_Action.php Diff File
mod - application/views/admin/survey/surveybar_view.php Diff File

LimeSurvey: master 65d409f6

2016-04-15 10:44:09

ollehar

Details Diff 		Fixed issue 10829: Survey admins presented with inappropriate control
buttons

Dev: Hide tools menu if no items are permitted.		 Affected Issues
10829
mod - application/core/Survey_Common_Action.php Diff File
mod - application/views/admin/survey/surveybar_view.php Diff File

LimeSurvey: master 64248d5c

2016-04-15 10:59:43

ollehar

Details Diff 		Fixed issue 10829: Survey admins presented with inappropriate control
buttons

Dev: Don't allow to display reorder form if no update permission.		 Affected Issues
10829
mod - application/controllers/admin/surveyadmin.php Diff File

LimeSurvey: master 9797975d

2016-04-15 11:04:06

ollehar

Details Diff 		Fixed update 10829: Survey admins presented with inappropriate control
buttons

Dev: Hide reorder button in side-menu if user has no update permission.		 Affected Issues
10829
mod - application/core/Survey_Common_Action.php Diff File
mod - application/views/admin/super/sidemenu.php Diff File

LimeSurvey: master 327dd94c

2016-04-15 11:08:41

ollehar

Details Diff 		Fixed issue 10829: Survey admins presented with inappropriate control
buttons

Dev: Hide edit buttons in question group list if user lacks permission.		 Affected Issues
10829
mod - application/models/QuestionGroup.php Diff File

LimeSurvey: master 69f0dbe1

2016-04-15 11:28:28

ollehar

Details Diff 		Fixed issue 10829: Survey admins presented with inappropriate control
buttons

Dev: Hide buttons in question list.		 Affected Issues
10829
mod - application/models/Question.php Diff File

LimeSurvey: master 7b1583ca

2016-04-15 12:11:52

ollehar

Details Diff 		Fixed issue 10829: Survey admins presented with inappropriate control
buttons

Dev: Hide subquestion and answer buttons if user lacks permissions.		 Affected Issues
10829
mod - application/controllers/admin/questions.php Diff File
mod - application/views/admin/survey/Question/question_view.php Diff File
mod - application/views/admin/survey/Question/questionbar_view.php Diff File

LimeSurvey: master c61885c8

2016-04-15 12:19:25

ollehar

Details Diff 		Fixed issue 10829: Survey admins presented with inappropriate control
buttons

Dev: Hide template carousel and survey format (group-by-group etc)
Dev: if user lacks survey update permissions.		 Affected Issues
10829
mod - application/views/admin/survey/QuestionGroups/questiongroupbar_view.php Diff File
mod - application/views/admin/survey/surveySummary_view.php Diff File

Issue History

Date Modified Username Field Change
2016-03-24 14:07 tpartner New Issue
2016-03-24 14:07 tpartner File Added: capture3.png
2016-03-24 14:07 tpartner File Added: capture4.png
2016-03-24 14:08 tpartner File Added: capture5.png
2016-03-24 14:08 tpartner File Added: capture6.png
2016-03-24 14:08 tpartner File Added: capture7.png
2016-03-24 14:08 tpartner File Added: capture8.png
2016-03-24 14:09 tpartner Note Added: 36784
2016-03-24 16:04 DenisChenu Note Added: 36793
2016-03-24 16:08 DenisChenu Relationship added related to 10822
2016-04-04 09:43 c_schmitz Priority none => urgent
2016-04-04 09:44 c_schmitz Assigned To => LouisGac
2016-04-04 09:44 c_schmitz Status new => assigned
2016-04-12 14:24 ollehar Assigned To LouisGac => ollehar
2016-04-15 11:27 ollehar Changeset attached => LimeSurvey master 5d07be39
2016-04-15 11:27 ollehar Note Added: 37436
2016-04-15 11:27 ollehar Resolution open => fixed
2016-04-15 11:49 ollehar Changeset attached => LimeSurvey master 88f3073b
2016-04-15 11:49 ollehar Changeset attached => LimeSurvey master ec54b9f3
2016-04-15 11:49 ollehar Note Added: 37439
2016-04-15 11:57 ollehar Changeset attached => LimeSurvey master 956cb4e4
2016-04-15 11:57 ollehar Note Added: 37441
2016-04-15 12:07 ollehar Changeset attached => LimeSurvey master 6abfae5a
2016-04-15 12:07 ollehar Note Added: 37442
2016-04-15 12:24 ollehar Changeset attached => LimeSurvey master f9cefc75
2016-04-15 12:24 ollehar Note Added: 37445
2016-04-15 12:44 ollehar Changeset attached => LimeSurvey master 65d409f6
2016-04-15 12:44 ollehar Note Added: 37446
2016-04-15 13:00 ollehar Changeset attached => LimeSurvey master 64248d5c
2016-04-15 13:00 ollehar Note Added: 37450
2016-04-15 13:04 ollehar Changeset attached => LimeSurvey master 9797975d
2016-04-15 13:04 ollehar Note Added: 37451
2016-04-15 13:09 ollehar Changeset attached => LimeSurvey master 327dd94c
2016-04-15 13:09 ollehar Note Added: 37452
2016-04-15 13:28 ollehar Changeset attached => LimeSurvey master 69f0dbe1
2016-04-15 13:28 ollehar Note Added: 37453
2016-04-15 14:12 ollehar Changeset attached => LimeSurvey master 7b1583ca
2016-04-15 14:12 ollehar Note Added: 37458
2016-04-15 14:20 ollehar Changeset attached => LimeSurvey master c61885c8
2016-04-15 14:20 ollehar Note Added: 37460
2016-04-15 14:22 ollehar Note Added: 37461
2016-04-15 14:22 ollehar Status assigned => resolved
2016-04-15 14:22 ollehar Fixed in Version => 2.5
2016-04-18 22:48 c_schmitz Note Added: 37524
2016-04-18 22:48 c_schmitz Status resolved => closed