Bug 824974
Summary: | Partner field value is being removed when bug changed by user who is not able to set that Partner field value | ||
---|---|---|---|
Product: | [Community] Bugzilla | Reporter: | John Villalovos <jvillalo> |
Component: | Creating/Changing Bugs | Assignee: | Simon Green <sgreen> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 4.2 | CC: | dbayly, ebaak, hui.xiao, jane.lv, jbrier, jvillalo, jwilleford, keve.a.gabbert, salmy, sgreen, skibria |
Target Milestone: | 4.2-1 | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | 4.2.1-1.6 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-05-28 02:14:27 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 786624 |
Description
John Villalovos
2012-05-24 17:59:41 UTC
My guess is that this is happening when people who are unable to set the Partner field to an existing value make a change to the bug, the Partner field value then gets removed for that value. I am starting to notice this happening when people who are not part of the Intel group modify bugs we have shared with them. *** This bug has been marked as a duplicate of bug 825010 *** Simon, Any chance I could have access to see Bug 825010? Seems to be marked private. (In reply to comment #3) > Simon, > > Any chance I could have access to see Bug 825010? Seems to be marked > private. No, I'm changing the duplication to this bug to work around it. -- simon *** Bug 825010 has been marked as a duplicate of this bug. *** Hi guys, I've mostly written the code change for this, but I want to do a serious amount of testing before it goes live due to the amount of code that has changed. One core change is that there is now a check in place that always runs to ensure that a value cannot be added or remove by someone not authorised too. This means even if there is leakage in some other part of the code, the user would be presented with an error instead of being able to add / remove something they cannot. If they are trying to remove a field (as is the case with this bug), they will not be told what value they were trying to remove, as this is partner confidential. Assuming all goes well, this change will be released on Monday. -- simon This will be part of the next Red Hat Bugzilla release. Please report any problem you notice with the new code ASAP. -- simon Red Hat Bugzilla 4.2.1-1.6 was released a few minutes ago. -- simon |