Patch #11818
closedRedmine.pm fails when permissions are NULL
0%
Description
Steps to reproduce:
1) Setup SVN access using this guid http://www.redmine.org/projects/redmine/wiki/Repositories_access_control_with_apache_mod_dav_svn_and_mod_perl
2) Create a public project "FOO" and a corresponding svn repo
3) Remove all permissions from anonymous user
4) Add user "BAR" as a member of "FOO" project with read svn permissions
5) Execute this SQL query:
SELECT hashed_password, salt, auth_source_id, permissions FROM projects, users, roles WHERE users.login='BAR' AND projects.identifier='FOO' AND users.status=1 AND ( roles.id IN ( SELECT member_roles.role_id FROM members, member_roles WHERE members.user_id = users.id AND members.project_id = projects.id AND members.id = member_roles.member_id ) OR ( roles.builtin=1 AND cast(projects.is_public as CHAR) IN ('t', '1') AND ) );
6) Login to http://svn_server/FOO using user "BAR" credentials
Expected behavior:
1) result of query in step 5 has 1 line with non-null permissions
2) I can browse svn via browser
Actual behavior:
1) result of query in step 5 has 2 lines one of which has null permissions
2) I see error 500 in the browser
A patch to fix this problem is attached
Files
Updated by John Yani almost 12 years ago
Remove redundant "AND" in the SQL query
Updated by John Yani almost 12 years ago
The error before the patch was:Use of uninitialized value $permissions in pattern match (m//) at /usr/lib/perl5/Apache/Redmine.pm line 359, <DATA> line 522.\n
Updated by Etienne Massip almost 12 years ago
- Status changed from Resolved to New
Updated by Jean-Philippe Lang almost 12 years ago
- Status changed from New to Closed
- Assignee set to Jean-Philippe Lang
- Target version set to 2.1.0
Fix committed in r10375, thanks.