Project

General

Profile

Actions

Defect #20469

open

Document Access

Added by santhosh narayana over 8 years ago. Updated over 8 years ago.

Status:
Needs feedback
Priority:
Normal
Assignee:
-
Category:
Documents
Target version:
-
Start date:
Due date:
2015-09-05 (over 8 years late)
% Done:

0%

Estimated time:
Resolution:
Affected version:

Description

Have two projects : Project1, Project2

Member1 assigned to Project1, Member2 assigned to Project2.

Member1 uploaded document, doc1 in one of the issue under Project1
Member2 uploaded document, doc2 in one of the issue under Project2

Member1 able to access doc2 !
https://<application.com>/requests_download/40924

Member2 able to access doc1 !
https://<application.com>/requests_download/40923

Found that anyone can access any document - document added in wiki page, file uploaded in an issue, documents added in "Files" module.

Please let us know how to fix this ?

Actions #1

Updated by Jan Niggemann (redmine.org team member) over 8 years ago

  • Due date set to 2015-09-05
  • Status changed from New to Needs feedback

How are the members and roles set up? Are both members administrators? Do both projects share same root (look at RedmineProjectSettings)?

Actions

Also available in: Atom PDF