View Issue Details

Related ChangesetsJump to NotesJump to History
This bug affects 1 person(s).
 4
IDProjectCategoryView StatusDate SubmittedLast Update
10822Bug reportsUser / Groups / Rolespublic2016-03-24 10:222016-05-06 10:11
ReporterMIAdx Assigned ToLouisGac 
PriorityhighSeveritypartial_block 
Status closedResolutionfixed 
Product Version2.50.x 
Summary10822: Groups Edit-Form while no Rights to edit?
Description

When accessing the User-Groups Lists, a User can see the "Edit User-Group" Button and (after clicking) the Form, even if he has no rights for that group. In fact he cant edit it. The form is empty and changes are ignored. But still, it's irritating for users, specially unexpirenced once.

Steps To Reproduce

  • Open User-Groups List/Confuguration with User with basic User-Group-Rights (Create, Show, Update)

  • User can the Edit-Button and -Form of Groups he has no rights for, i.e. groups created by admin.

  • User cant change anything, but is "locked" on that form/page. Clicking Save or Close just reloads the current page (edit form).

TagsNo tags attached.
Bug heat4
Complete LimeSurvey version number (& build)Version 2.50+ Build 160309
I will donate to the project if issue is resolvedNo
BrowserFF
Database type & version5.x
Server OS (if known)Linux
Webserver software & version (if known)httpd
PHP Version5.4.x

Relationships

Relationship GraphDependency Graph
related to 10829 closedollehar Survey admins presented with inappropriate control buttons 

Users monitoring this issue

There are no users monitoring this issue.

Activities

LouisGac

LouisGac

2016-05-04 15:49

developer   ~38204

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=18890
c_schmitz

c_schmitz

2016-05-06 10:11

administrator   ~38229

Version 2.50+ Build 160506 released

Related Changesets

LimeSurvey: master 5a2e0bb8

2016-05-04 15:49

LouisGac


Details Diff		 Fixed issue 10822: Groups Edit-Form while no Rights to edit? When accessing the User-Groups Lists, a User can see the "Edit User-Group" Button and (after clicking) the Form, even if he has no rights for that group. Affected Issues
10822
mod - application/controllers/admin/usergroups.php Diff File
mod - application/models/UserGroup.php Diff File

Issue History

Date Modified Username Field Change
2016-03-24 10:22 MIAdx New Issue
2016-03-24 16:08 DenisChenu Relationship added related to 10829
2016-04-04 09:45 c_schmitz Assigned To => LouisGac
2016-04-04 09:45 c_schmitz Status new => assigned
2016-04-04 09:45 c_schmitz Severity minor => partial_block
2016-05-02 18:15 LouisGac Priority none => high
2016-05-04 12:49 LouisGac Sticky Issue No => Yes
2016-05-04 15:49 LouisGac Sticky Issue Yes => No
2016-05-04 15:49 LouisGac Changeset attached => LimeSurvey master 5a2e0bb8
2016-05-04 15:49 LouisGac Note Added: 38204
2016-05-04 15:49 LouisGac Resolution open => fixed
2016-05-04 15:49 LouisGac Status assigned => resolved
2016-05-06 10:11 c_schmitz Note Added: 38229
2016-05-06 10:11 c_schmitz Status resolved => closed
2019-11-01 17:26 c_schmitz Category User/User groups => User / Groups / Roles