Closed
Bug 313677
Opened 19 years ago
Closed 19 years ago
Sudoers without editusers/bless access see no link to sudo page
Categories
(Bugzilla :: Bugzilla-General, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.22
People
(Reporter: karl, Assigned: karl)
Details
Attachments
(1 file)
|
792 bytes,
patch
|
jouni
:
review+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040804 Netscape/7.2 (ax)
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040804 Netscape/7.2 (ax)
The only way to access the sudo start page, besides directly entering the URL, is to go through the editusers page. However, if you do not have this access you will not be able to get to the sudo start page.
Reproducible: Always
Steps to Reproduce:
1. Create a Bugzilla account
2. Have somebody add you to the 'bz_sudoers' group, but not give you 'editusers' membership, and not give you the ability to bless membership in a group.
3. Search for a way to begin an sudo session.
Actual Results:
I do not see a way to start an sudo session.
Expected Results:
I should either have a link to the sudo page in the footer (or some other location), or a link to a low-access version of the editusers page where I can only search for users that can be impersonated, and I can only see their login & real name (and no other information like group memberships).
|
Assignee | |
Updated•19 years ago
|
Assignee: general → karl
Target Milestone: --- → Bugzilla 2.22
Version: unspecified → 2.21
|
|
Assignee | |
Comment 1•19 years ago
|
||
Pretty basic, really. It modifies the output of the permissions tab in user prefs. If the user is in the appropriate group, a line of text is displayed at the bottom of the page saying essentially "you are in the bz_sudoers group, so you can <<impersonate someone else >>.".
Requesting review from jouni.
Attachment #201815 -
Flags: review?(jouni)
|
|
Assignee | |
Updated•19 years ago
|
Status: NEW → ASSIGNED
|
||
Comment 2•19 years ago
|
||
Comment on attachment 201815 [details] [diff] [review]
Patch v1
>+ You are a member of the <b>bz_sudoers</b> group, so you can
>+ <a href="relogin.cgi?action=sudo">impersonate someone else</a>.
I don't really fancy having the group names publicly visible like that, but we're talking about a rather exceptional feature here so I guess it's ok. Just "sudoers" would do for me, though, but do what you think is best.
r=jouni
Attachment #201815 -
Flags: review?(jouni) → review+
|
|
Assignee | |
Updated•19 years ago
|
Flags: approval?
|
||
Comment 3•19 years ago
|
||
Comment on attachment 201815 [details] [diff] [review]
Patch v1
/me senses UI creep.
But it makes sense to me if Myk likes it. The low-power version of editusers makes better sense to me, but that's obviously a fair bit more work.
Attachment #201815 -
Flags: review?(myk)
|
||
Comment 4•19 years ago
|
||
As Dave said, a low-power editusers is preferable, but this is ok for now. a+ for 2.22 during code freeze since it's a low-risk polish fix.
Flags: approval? → approval+
|
|
Assignee | |
Updated•19 years ago
|
Attachment #201815 -
Flags: review?(myk)
|
|
Assignee | |
Comment 5•19 years ago
|
||
Checking in template/en/default/account/prefs/permissions.html.tmpl;
/cvsroot/mozilla/webtools/bugzilla/template/en/default/account/prefs/permissions.html.tmpl,v <-- permissions.html.tmpl
new revision: 1.7; previous revision: 1.6
done
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•