Issue Details (XML | Word | Printable)

Key: JRA-8405
Type: Bug Bug
Status: Resolved Resolved
Resolution: Fixed
Priority: Minor Minor
Assignee: Dylan Etkin [Atlassian]
Reporter: Brett Shelton
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
JIRA

Priority levels popup prompts for login

Created: 27/Oct/05 10:23 PM   Updated: 02/Aug/06 01:37 AM
Component/s: Permissions Security
Affects Version/s: None
Fix Version/s: 3.6.4

Time Tracking:
Original Estimate: 3 hours
Original Estimate - 3 hours
Remaining Estimate: 3 hours
Remaining Estimate - 3 hours
Time Spent: Not Specified
Remaining Estimate - 3 hours

Issue Links:
Reference
 

Participants: Brett Shelton, Daniel Ostermeier, Dylan Etkin [Atlassian], Jeff Turner [Atlassian] and Scott Farquhar [Atlassian]
Since last comment: 2 years, 10 weeks, 3 days ago
Resolution Date: 02/Aug/06 01:37 AM
Labels:


 Description  « Hide
If anonymous users attempt to view descriptions for priority levels using the popup link, the popup window presents a login page.

Users should not need to log in to see help or tip screens

 All   Comments   Work Log   Change History      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Daniel Ostermeier added a comment - 31/Oct/05 12:51 AM
Hi Brett,

Confluence does not support priority levels. Are you sure that you wanted to raise a bug report for Confluence and not Jira?

If so, can you please provide some more details to help us understand the problem.

Regards,
-Daniel


[ Permlink | « Hide ]
Brett Shelton added a comment - 31/Oct/05 05:58 AM
Yes. This should be a JIRA bug.

Steps to reproduce:

  • admin: setup the ability for anonymous users to create issues (for at least one project)
  • log out.
  • as anonymous: select Create New Issue
  • click on the "help" tip icon next to the priority selection (to view descriptions of priority levels)
  • window pops up with login screen

Users should see the same screen as a logged in user and not be prompted to log in.


[ Permlink | « Hide ]
Daniel Ostermeier added a comment - 31/Oct/05 06:36 PM
Hi Brett,

I have forwarded this on to jira support.


[ Permlink | « Hide ]
Jeff Turner [Atlassian] added a comment - 02/Nov/05 09:43 PM
You're right, it probably shouldn't require login. We'd need to give this issue a bit of thought, since status/issue type descriptions may reveal sensitive information. Thanks for raising the bug.

[ Permlink | « Hide ]
Scott Farquhar [Atlassian] added a comment - 25/Jul/06 01:12 AM
I think that we should just check if the remote user can see any projects, and if so - then let them.

This would involve removing the 'use' permission check for ShowConstantsHelp in actions.xml, and then doing the permission check inside the action instead.


[ Permlink | « Hide ]
Dylan Etkin [Atlassian] added a comment - 02/Aug/06 01:37 AM
This has been fixed. The page will now show to anyone who has browse issue permission on at least one project, this includes non logged in users that have browse project permission. There is a functional test that verifies this.


Powered by Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13-#330) - Bug/feature request - Atlassian news - Contact Administrators