Piwigo Bugtracker

Viewing Issue Advanced Details Jump to Notes ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0000110 [Piwigo] navigation minor always 2005.04.30 22:02 2005.08.18 09:57
Reporter plg View Status public  
Assigned To plg
Priority low Resolution fixed Platform
Status closed   OS
Projection none   OS Version
ETA none Fixed in Version 1.4.1 Product Version 1.4.0
  Target Version Product Build
Summary 0000110: return to element view from element edition fails depending on permissions
Description Return to element view (picture.php) from element edition (admin.php?page=picture_modify) fails if element's physical category is forbidden to the admin user.
Steps To Reproduce Gallery configuration :

- "element1" is physically linked to category "root > physical-1"
- "element1" is virtually linked to category "root > virtual-1"
- category "root > physical-1" is private
- "admin1" user is not authorized for category "root > physical-1"

Logged in as "admin1", return to picture.php from admin/picture_modify.php goes to category "root > physical-1" by default and as "admin1" can't see this category, an error message tells that access is forbidden.
Additional Information
Tags No tags attached.
browser any
Database engine and version
PHP version
Web server Apache 1.3.x
Attached Files

- Relationships

-  Notes
plg (manager)
2005.04.30 22:16

It is possible that for an admin, viewing an element is impossible if no linked category is authorized for the admin... In that case, there should be no link to viewing, only a thumbnail.
plg (manager)
2005.05.01 14:18

Correction is partial for branch 1.4 : a linked category is randomly chosen but if no linked category is authorized for the admin user, then the link is to the storage category (which can be forbidden).

http://cvs.gna.org/viewcvs/phpwebgallery/phpwebgallery/admin/picture_modify.php.diff?r1=1.20&r2= [^]
plg (manager)
2005.08.18 09:57

On BSF (and for branch 1.5), a prettier solution was coded :

// jump to link
// 1. find all linked categories that are reachable for the current user.
// 2. if a category is available in the URL, use it if reachable
// 3. if URL category not available or reachable, use the first reachable
// linked category
// 4. if no category reachable, no jumpto link

- Issue History
Date Modified Username Field Change
2005.04.30 22:02 plg New Issue
2005.04.30 22:02 plg Status new => assigned
2005.04.30 22:02 plg Assigned To => plg
2005.04.30 22:02 plg browser => any
2005.04.30 22:02 plg Web server => Apache 1.3.x
2005.04.30 22:16 plg Note Added: 0000133
2005.05.01 14:18 plg Status assigned => resolved
2005.05.01 14:18 plg Fixed in Version => 1.4.1
2005.05.01 14:18 plg Resolution open => fixed
2005.05.01 14:18 plg Note Added: 0000136
2005.08.18 09:57 plg Note Added: 0000211
2005.08.18 09:57 plg Status resolved => closed

Mantis 1.1.6[^]
Copyright © 2000 - 2008 Mantis Group
Powered by Mantis Bugtracker