Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Fix bug in access_has_bug_level() for private issues
When private_bug_threshold is defined as an array instead of a single access level, e.g. array(0=>40, 1=>70, 2=>90) to prevent developers from seeing private bugs while granting that privilege to updaters, access_has_bug_level() incorrectly returned true. The consequence is that unwanted access to Private bugs was granted to users who are allowed to view them, e.g. allowing them to delete or perform other restricted actions. Fixes #10124
- Loading branch information