Defect #9500: Watchers list before and after creation issue - Redmine

Custom queries

Documentation issues
Open defects
Open features
Patch queue
Plugin issues
Translation patches

Actions

Copy link

Defect #9500

open

Watchers list before and after creation issue

Added by Boris Ershov about 13 years ago. Updated almost 12 years ago.

Status:

New

Priority:

Normal

Assignee:

Category:

Issues

Target version:

Start date:

2011-10-31

Due date:

% Done:

Estimated time:

Resolution:

Affected version:

1.2.1

Description

Hello!

When I'm creating a new issue - I can add as watchers all users in current project (with all "issues visibility" permissions), but after creation issue I can add watchers only with "All non private issues" in "Issues visibility" (new issue is not private).
Can you tell me how can I fix it? I need to have the same list of the watchers before and after creation issue.

I have Redmine 1.2.1.

Thank you!

Related issues

Related to Redmine - Defect #15123: "Add watcher" leaks all active users

Closed

Actions

Related to Redmine - Feature #11724: Prevent users from seeing other users based on their project membership

Closed

Jean-Philippe Lang

Actions

Issue # Delay: days Cancel

History
Notes
Property changes

Actions

Copy link

Updated by Etienne Massip about 13 years ago

Category set to Issues

Actions

Copy link

Updated by Etienne Massip about 13 years ago

Affected version (unused) set to 1.2.1
Affected version set to 1.2.1

Actions

Copy link

Updated by Mischa The Evil about 13 years ago

I can confirm this issue. I came around this first while doing research for #9330 but failed to report it properly yet :-/

What I can remember of this is that this is due to the fact that the used add-watcher mechanism is different at both states (during issue creation and after issue creation).

During issue creation the addable watcher users are retrieved via source:/trunk/app/views/issues/_form.html.erb@7791#L32 which proposes all members of the project wherein the issue is being created as addable watcher users:

<% @issue.project.users.sort.each do |user| -%>

After issue creation the addable watcher users are retrieved via source:/trunk/app/views/watchers/_watchers.html.erb@7791#L19 which correctly proposes only the users who have actual permission to watch the to-be watched object as addable watcher users:

<p><%= f.select :user_id, (watched.addable_watcher_users.collect {|m| [m.name, m.id]}), :prompt => "--- #{l(:actionview_instancetag_blank_option)} ---" %>

This "way of retrieving" addable watcher users has some extras like:

r3170, Users can not watch what they are not allowed to view.
r5876, Users that can't view an issue are not proposed as watchers
r5880, Fixed: validation error on issue creation when trying to add an invalid user as a watcher

Based on the above I'd suggest to change the way how addable watcher users are retrieved during issue creation. Instead of proposing @issue.project.users I think it would be better if watched.addable_watcher_users is being proposed.

Hope this is of any use...

Actions

Copy link

Updated by Peter Brogren almost 13 years ago

I can also confirm the issue, and do agree with the original reporter that this is an issue. My reasoning is that while I agree with what Mischa is saying about not suggesting to add watchers that don't have the permission, if I have the permission to add others as watchers I think I should get the full list of people that belong to the project to choose from. So, there should be two separate cases depending on whether I have permission to add others as watchers or not.

The typical case, which I'd say will happen quite regularly, is that an issue is marked as private and as the bug gets worked on I realize I want to add someone as a watcher that wasn't included from the start.

I agree with point r3170 above with the addition "unless someone with permission to add watchers adds them".

Actions

Copy link