New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Task status change checks should be ACL-based #111

Open
flack opened this Issue Jan 30, 2015 · 0 comments

Comments

Projects
None yet
1 participant
@flack
Owner

flack commented Jan 30, 2015

Reported by flack on 13 Jul 1935 16:25 UTC
Right now, only a task's manager can do certain task status changes, making the workflow quite inflexible, especially since some steps can't be skipped. OTOH, anybody with update privileges can just modify the task to enter themselves as manager, so it isn't even a security feature.

So this should be replaced by a component privilege (which could be given to the task's manager by default)

Migrated-From: http://trac.openpsa2.org/ticket/108

@flack flack self-assigned this Jan 30, 2015

@flack flack added this to the undecided milestone Jan 30, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment