Project

General

Profile

Actions
Copy link

Defect #36446

closed

Watchers autocomplete fails with 403 error when the search is made from multiple objects with different projects

Added by Dmitry Makurin over 1 year ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Marius BALTEANU
Category:
UI
Target version:
4.2.4
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed
Affected version:

Description

Autocomplete is broken when bulk adding watchers for issues from different projects.

How to reproduce:

1. Open /issues.
2. Select two issues from different projects.
3. Press RMB.
4. Watchers => Add.
5. List of users will be shown.
6. Try to filter users.

This is happens because WatchersController can't find project for New and Autocomplete_for_user actions and authorize a user.

Files

36446.patch (3.25 KB) 36446.patch Dmitry Makurin , 2022-01-18 12:45
Actions
Copy link
 #2

Updated by Go MAEDA over 1 year ago

  • Tracker changed from Patch to Defect
  • Category set to UI
  • Status changed from New to Confirmed

Confirmed the issue. WatchersController#autocomplete_for_user returns 403 and the autocomplete does not work.

Started GET "/watchers/autocomplete_for_user?object_type=issue&q=dave" for 127.0.0.1 at 2022-01-19 11:42:57 +0900
Processing by WatchersController#autocomplete_for_user as */*
  Parameters: {"object_type"=>"issue", "q"=>"dave"}
  Current user: admin (id=1)
  Rendered common/error.html.erb (Duration: 1.2ms | Allocations: 228)
Filter chain halted as :authorize rendered or redirected
Completed 403 Forbidden in 17ms (Views: 2.5ms | ActiveRecord: 10.8ms | Allocations: 1896)
Actions
Copy link
 #3

Updated by Go MAEDA over 1 year ago

  • Target version set to Candidate for next minor release
Actions
Copy link
 #4

Updated by Marius BALTEANU over 1 year ago

  • Assignee set to Marius BALTEANU
Actions
Copy link
 #5

Updated by Marius BALTEANU over 1 year ago

  • Target version changed from Candidate for next minor release to 4.1.6
Actions
Copy link
 #6

Updated by Marius BALTEANU over 1 year ago

  • Status changed from Confirmed to Resolved
  • Resolution set to Fixed

Fix committed, thanks!

Actions
Copy link
 #7

Updated by Marius BALTEANU over 1 year ago

  • Target version changed from 4.1.6 to 4.2.4

Changing target version to 4.2.4 because the change has conflicts on 4.1-stable.

Actions
Copy link
 #8

Updated by Marius BALTEANU over 1 year ago

  • Subject changed from Autocomplete for users fails with 403 error to Watchers autocomplete fails with 403 error when the search is made from multiple objects with different projects
Actions
Copy link
 #9

Updated by Marius BALTEANU over 1 year ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF