Piwigo Bugtracker

Piwigo bug tracker has moved to Github

This bugtracker is kept to provide history on old issues.


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0002977Piwigoalbumspublic2013.10.18 22:482013.10.18 23:03
Reporterplg 
Assigned Toplg 
PrioritynormalSeverityminorReproducibilityalways
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version2.5.2 
Target Version2.5.3Fixed in Version2.5.3 
Summary0002977: move a public album into a private album may create inconsistent permissions
DescriptionIt is not easy to reproduce, here is a scenario:

1) create album "A" and set it as private, permitted to nobody
2) create album "A1", set it as private, permitted to "user1"
3) edit permissions of A1, don't remove "user1" and set is as "public"
4) move A1 into A

now A is permitted to nobody and A1 is permitted to user1, which is inconsistent. If album A1 is permitted to user1, then A should also be.
TagsNo tags attached.
browserany
Database engine and version
PHP version
Web serverApache 1.3.x
Attached Files

- Relationships

-  Notes
(0007150)
svn (reporter)
2013.10.18 22:56

[Subversion] r24986 by plg on branch 2.5

-----[Subversion commit log]----------------------------------------------------
bug 2977 fixed: when moving an album, whatever the previous status
private/public we must remove irrelevant permissions (a public album
can have hidden permission, ie list of groups/users permitted). I've
also found a bug in the algorithm that selects users/groups to delete
(reverse parameters in array_diff).
(0007151)
svn (reporter)
2013.10.18 23:02

[Subversion] r24987 by plg on trunk

-----[Subversion commit log]----------------------------------------------------
merge r24986 from branch 2.5 to trunk

bug 2977 fixed: when moving an album, whatever the previous status
private/public we must remove irrelevant permissions (a public album
can have hidden permission, ie list of groups/users permitted). I've
also found a bug in the algorithm that selects users/groups to delete
(reverse parameters in array_diff).


- Issue History
Date Modified Username Field Change
2013.10.18 22:48 plg New Issue
2013.10.18 22:48 plg Status new => assigned
2013.10.18 22:48 plg Assigned To => plg
2013.10.18 22:48 plg browser => any
2013.10.18 22:48 plg Web server => Apache 1.3.x
2013.10.18 22:56 svn Checkin
2013.10.18 22:56 svn Note Added: 0007150
2013.10.18 23:02 svn Checkin
2013.10.18 23:02 svn Note Added: 0007151
2013.10.18 23:03 plg Status assigned => closed
2013.10.18 23:03 plg Resolution open => fixed
2013.10.18 23:03 plg Fixed in Version => 2.5.3


Copyright © 2000 - 2018 MantisBT Team
Contact
Powered by Mantis Bugtracker