Defect #36446
Watchers autocomplete fails with 403 error when the search is made from multiple objects with different projects
Status: | Closed | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | % Done: | 0% | ||
Category: | UI | |||
Target version: | 4.2.4 | |||
Resolution: | Fixed | Affected version: |
Description
Autocomplete is broken when bulk adding watchers for issues from different projects.
How to reproduce:
1. Open /issues.
2. Select two issues from different projects.
3. Press RMB.
4. Watchers => Add.
5. List of users will be shown.
6. Try to filter users.
This is happens because WatchersController
can't find project for New
and Autocomplete_for_user
actions and authorize a user.
Associated revisions
Fix autocomplete for users fails with 403 error when there are multiple objects from different projects (#36446).
Patch by Dmitry Makurin.
History
#1
Updated by Dmitry Makurin 4 months ago
- File 36446.patch
added
#2
Updated by Go MAEDA 4 months ago
- Tracker changed from Patch to Defect
- Category set to UI
- Status changed from New to Confirmed
Confirmed the issue. WatchersController#autocomplete_for_user returns 403 and the autocomplete does not work.
Started GET "/watchers/autocomplete_for_user?object_type=issue&q=dave" for 127.0.0.1 at 2022-01-19 11:42:57 +0900 Processing by WatchersController#autocomplete_for_user as */* Parameters: {"object_type"=>"issue", "q"=>"dave"} Current user: admin (id=1) Rendered common/error.html.erb (Duration: 1.2ms | Allocations: 228) Filter chain halted as :authorize rendered or redirected Completed 403 Forbidden in 17ms (Views: 2.5ms | ActiveRecord: 10.8ms | Allocations: 1896)
#4
Updated by Marius BALTEANU 4 months ago
- Assignee set to Marius BALTEANU
#5
Updated by Marius BALTEANU 4 months ago
- Target version changed from Candidate for next minor release to 4.1.6
#6
Updated by Marius BALTEANU 4 months ago
- Status changed from Confirmed to Resolved
- Resolution set to Fixed
Fix committed, thanks!
#7
Updated by Marius BALTEANU 4 months ago
- Target version changed from 4.1.6 to 4.2.4
Changing target version to 4.2.4 because the change has conflicts on 4.1-stable.
#8
Updated by Marius BALTEANU 4 months ago
- Subject changed from Autocomplete for users fails with 403 error to Watchers autocomplete fails with 403 error when the search is made from multiple objects with different projects
#9
Updated by Marius BALTEANU 4 months ago
- Status changed from Resolved to Closed