Defect #17669

Non admin users can't modify public queries for all project

Added by Sébastien Pochiero over 6 years ago. Updated over 6 years ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Projects
Target version:-
Resolution:Invalid Affected version:2.5.0

Description

non admin users can't modify/suppress public queries howhever the permission is checked in roles configuration.

Related issues

Related to Redmine - Defect #14239: Error 403 when trying to edit custom query Closed
Related to Redmine - Defect #28264: Global and public custom queries are shown as editable to... Closed

History

#1 Updated by Sébastien Pochiero over 6 years ago

  • Status changed from New to Resolved

i found the solution in app\models\query.rb :
"Members can not edit public queries that are for all project (only admin is allowed to)"

i replaced the line :
"is_public? && !@is_for_all && user.allowed_to?(:manage_public_queries, project)"
by :
"is_public? && user.allowed_to?(:manage_public_queries, nil, :global => true)"

#2 Updated by Toshi MARUYAMA over 6 years ago

  • Status changed from Resolved to New
  • Target version set to 2.5.3

#3 Updated by Toshi MARUYAMA over 6 years ago

  • Target version deleted (2.5.3)

#4 Updated by Toshi MARUYAMA over 6 years ago

  • Status changed from New to Closed
  • Target version set to 2.5.3
  • Resolution set to Invalid

Source comment says it is intentional.
source:tags/2.5.2/app/models/query.rb#L271

    # Members can not edit public queries that are for all project (only admin is allowed to)
    is_public? && !@is_for_all && user.allowed_to?(:manage_public_queries, project)

#5 Updated by Toshi MARUYAMA over 6 years ago

  • Subject changed from Can't modify public reports for non admin users. to Can't modify public queries for non admin users.

#6 Updated by Toshi MARUYAMA over 6 years ago

  • Target version deleted (2.5.3)

#7 Updated by Toshi MARUYAMA over 6 years ago

  • Subject changed from Can't modify public queries for non admin users. to Non admin users can't modify public queries for all project

#8 Updated by Jean-Baptiste Barth over 6 years ago

If I understand correctly, you'd like a user who only has rights on Project A to manage a public query that is also used by Project B ? If so I don't think this is a good idea in the general case, and I'm OK with the actual default behaviour. If you really need this maybe you could make a simple plugin or keep the local patch you found. If I don't understand the request correctly, please correct me ;-)

#9 Updated by Toshi MARUYAMA over 6 years ago

  • Related to Defect #14239: Error 403 when trying to edit custom query added

#10 Updated by Marius BALTEANU about 3 years ago

  • Related to Defect #28264: Global and public custom queries are shown as editable to non administrators in projects added

Also available in: Atom PDF