Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add user to project when locking themselves out
Automatically add the current user with their access level to the project's user list if after updating it they can no longer access it (i.e. by making it private). Fixes #16554
- Loading branch information
e08fc01
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we add this also to function mc_project_update or add it to function project_update to avoid redundant code?
Or is it the responsibility of the SOAP client to handle this case?
Now the user does no longer lock out himself but still locks out other managers.
Do we have to add ALL global managers?
e08fc01
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some more thoughts:
There are use cases where adding just the current user is wanted, there are other use cases where some of the global managers (most of the time not all) should be added.
There can't be an automatism which fits all.
We shouldn't allow that a global manager locks out other global managers.
To keep it simple:
Undo the project_add_user functionality.
Allow the setting to "private" only if the current user has already manage_project_threshold rights for the project or has create_project_threshold rights.
Introducing set_project_private_threshold is a bit too much for it.
e08fc01
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since you're copy/pasting your comments there anyway, I suggest to continue this conversation in http://www.mantisbt.org/bugs/view.php?id=16554