Actions
Defect #35186
closed
wrong user in version logs
Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Resolution:
Invalid
Affected version:
Description
In
https://www.redmine.org/projects/redmine/repository
we see the author.
As git is also a version control system in redmine:
the logs may show the wrong author.
- A new redmine instance
- With git version enabled, (maybe the same problem exists with svn, using the .subversion/servers file)
- Create 2 users: joe and donald
- Create a new project with repositories (git, svn, ..)
- assign joe to the project (donald assigned or not: both tests can be done, for now don't assign donald)
- Clone the git repo as joe (hence use the auth credentials of joe)
- commit and push something
- normally the author in the redmine website will say joe for this commit
- now run in the locally cloned repo: $git config user.name donald
- commit and push something
- probably the author in the redmine website will say donald for this commit, even though it was authenticated and done by joe..
- what is more: the user page of donald will say he made a commit (which of course joe did, donald did not)
as there are several users who have accounts on different project management servers/services,
this also occurs when joe has a global git config user.name donald set.
Version used: 3.3.1 Stable (did not test above this version)
possibly related to #5768 ?
(the names joe and donald were chosen at random)
Updated by 
Updated by
Actions