Patch #11818
Redmine.pm fails when permissions are NULL
Status: | Closed | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | % Done: | 0% | ||
Category: | SCM extra | |||
Target version: | 2.1.0 |
Description
Steps to reproduce:
1) Setup SVN access using this guid http://www.redmine.org/projects/redmine/wiki/Repositories_access_control_with_apache_mod_dav_svn_and_mod_perl
2) Create a public project "FOO" and a corresponding svn repo
3) Remove all permissions from anonymous user
4) Add user "BAR" as a member of "FOO" project with read svn permissions
5) Execute this SQL query:
SELECT hashed_password, salt, auth_source_id, permissions FROM projects, users, roles WHERE users.login='BAR' AND projects.identifier='FOO' AND users.status=1 AND ( roles.id IN ( SELECT member_roles.role_id FROM members, member_roles WHERE members.user_id = users.id AND members.project_id = projects.id AND members.id = member_roles.member_id ) OR ( roles.builtin=1 AND cast(projects.is_public as CHAR) IN ('t', '1') AND ) );
6) Login to http://svn_server/FOO using user "BAR" credentials
Expected behavior:
1) result of query in step 5 has 1 line with non-null permissions
2) I can browse svn via browser
Actual behavior:
1) result of query in step 5 has 2 lines one of which has null permissions
2) I see error 500 in the browser
A patch to fix this problem is attached
Associated revisions
Redmine.pm fails when permissions are NULL (#11818).
Contributed by John Yani.
History
#1
Updated by John Yani almost 10 years ago
Remove redundant "AND" in the SQL query
#2
Updated by John Yani almost 10 years ago
The error before the patch was:Use of uninitialized value $permissions in pattern match (m//) at /usr/lib/perl5/Apache/Redmine.pm line 359, <DATA> line 522.\n
#3
Updated by sam andro almost 10 years ago
- Status changed from New to Resolved
#4
Updated by Etienne Massip almost 10 years ago
- Status changed from Resolved to New
#5
Updated by Jean-Philippe Lang almost 10 years ago
- Status changed from New to Closed
- Assignee set to Jean-Philippe Lang
- Target version set to 2.1.0
Fix committed in r10375, thanks.