Defect #36392
closed
Custom field properties "visible" and "editable" do not work for user
0%
Description
Hi, thank you for developing Redmine, it's a tool that I use daily.
I want to let you know that yesterday I noticed a defect when playing around with custom fields in the context of the `user` entity.
The properties `visible` and `editable` can be deactivated for a custom field, but an existing user is opened the custom field:
- is visible when it should not
- is editable when it should not
Reproduction path:
1. Open Redmine as administrator
2. Change to view "Administration / Custom fields"
3. Create boolean custom field
- name: isActive
- description: whatever
- default value: no
- URL value: leave empty
- display: Checkbox
4. Unset custom field properties in the same view
- visible: [_] (off)
- editable: [_] (off)
5. Save new custom field
6. Change to view "Administration / Users" and select any user
7. The selected user view contains the created custom field "isActive" which is both visible and editable.
Expectation: The selected user view hides the custom field
The affected version is v4.2.3.
Thank you for your attention and your work!
Updated by Go MAEDA over 2 years ago
It is the expected behavior.
Users with administrator privilege bypass all permission checks, so "Visible" and "Editable" checkboxes have no effects for them.
Updated by Boris Schaa over 2 years ago
Go MAEDA wrote:
It is the expected behavior.
Users with administrator privilege bypass all permission checks, so "Visible" and "Editable" checkboxes have no effects for them.
Oh, then my apologies for the extra ticket and my thanks for the swift reply as well! Did I miss the documentation for this behavior then? Maybe the docs on custom fields could use a small clarification. Can I help out here?
Updated by Go MAEDA over 2 years ago
- Status changed from New to Closed
- Resolution set to Invalid
Boris Schaa wrote:
Did I miss the documentation for this behavior then? Maybe the docs on custom fields could use a small clarification. Can I help out here?
Sorry, I don't know where the behavior is documented. Maybe documents should be improved.