Closed
Bug 666780
Opened 14 years ago
Closed 13 years ago
users should be able to see tests without having to log in
Categories
(Mozilla QA Graveyard :: MozTrap, enhancement)
Mozilla QA Graveyard
MozTrap
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: camd, Unassigned)
References
Details
presumably, this would let them into the manage section in read-only mode. And perhaps NOT show them draft mode objects? Needs discussion.
|
Reporter | |
Comment 1•14 years ago
|
||
A Pivotal Tracker story has been created for this Bug: http://www.pivotaltracker.com/story/show/15005773
|
|
Reporter | |
Comment 2•14 years ago
|
||
Cameron Dawson added a comment in Pivotal Tracker:
this should be switch-able based on system-level config settings. Some companies don't want anyone to see anything (stealth mode startup) but mozilla wants everyone to see everything.
|
|
Reporter | |
Comment 3•14 years ago
|
||
Cameron Dawson added a comment in Pivotal Tracker:
secondary goal: pieces are view-able or not by logged in or not.
|
|
Reporter | |
Comment 4•14 years ago
|
||
Cameron Dawson changed story state to unstarted in Pivotal Tracker
|
|
Reporter | |
Comment 5•14 years ago
|
||
Carl Meyer added a comment in Pivotal Tracker:
I think this is actually quite easy to implement. All we need is a UI option to specify a "default guest user". That user can be given whatever VIEW permissions are desired, anywhere from none to all, and it will be used for any not-logged-in user.
|
|
Reporter | |
Comment 6•13 years ago
|
||
Cameron Dawson added a comment in Pivotal Tracker:
Sounds great, carl. If we can fit this in, let's do it! :)
|
|
Reporter | |
Comment 7•13 years ago
|
||
Eric Meyer added a comment in Pivotal Tracker:
That sounds like something I should be wireframing? Can I get a bit more detail on how you see that working, Carl?
|
|
Reporter | |
Comment 9•13 years ago
|
||
Carl Meyer changed story state to started in Pivotal Tracker
|
|
Reporter | |
Comment 10•13 years ago
|
||
Carl Meyer added a comment in Pivotal Tracker:
In working on this story I realized that even with our current access policy we're being too generous with access to the manage-users list; we let anyone who is logged in access it, but since you can self-register that really means anyone, and it has email addresses on it. Even just the list of valid user names and roles is sensitive data that any old self-registered user shouldn't have access to. So I've locked down the manage-users page so that only people with manage_users permission can see it at all.
|
|
Reporter | |
Comment 11•13 years ago
|
||
Carl Meyer added a comment in Pivotal Tracker:
Ok, there is now an ALLOW_ANONYMOUS_ACCESS setting, False by default, but if its set to True then an anonymous user can see manage and results pages (except for manage-users). Also documented that setting on the deployment page. If you want Mozilla's deployment to be anon-accessible, you'll have to file an IT request for them to add this setting to the settings/local.py on their deployment.
|
|
Reporter | |
Comment 12•13 years ago
|
||
Carl Meyer changed story state to delivered in Pivotal Tracker
|
|
Reporter | |
Comment 13•13 years ago
|
||
Carl Meyer changed story state to delivered in Pivotal Tracker
|
|
Reporter | |
Comment 14•13 years ago
|
||
Cameron Dawson added a comment in Pivotal Tracker:
This is awesome. Thanks for noticing that, Carl! Works fantastic
|
|
Reporter | |
Comment 15•13 years ago
|
||
Cameron Dawson changed story state to accepted in Pivotal Tracker
|
|
Reporter | |
Updated•13 years ago
|
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
||
Updated•7 years ago
|
Product: Mozilla QA → Mozilla QA Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•