Bug 864712
Summary: | Copy trans in project page available for any users | ||
---|---|---|---|
Product: | [Retired] Zanata | Reporter: | Alex Eng <aeng> |
Component: | Security | Assignee: | Alex Eng <aeng> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Ding-Yi Chen <dchen> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | development | CC: | zanata-bugs |
Target Milestone: | --- | ||
Target Release: | 2.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | 1.8.0-SNAPSHOT (20121016-1428) | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-11-07 06:19:35 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Alex Eng
2012-10-09 23:57:21 UTC
Implemented security check on copy trans option in project page. Restricted only to project maintainers and admin. See https://github.com/zanata/zanata/commit/bcb08c86f97c3187b98d0614ddcbe9c761a79fc9 Tested with Zanata version 1.8.0-SNAPSHOT (20121012-0031) Error message "You do not have permission to access this resource" appears for non-admin project maintainers. Reassigned. Fixed security issue. See https://github.com/zanata/zanata/commit/293c0fd8df9e6f63f2a9a89b51bea6f3a8347bd6 VERIFIED with Zanata version 1.8.0-SNAPSHOT (20121016-1428) Fix released in Zanata 2.0. |