Opened 9 years ago
Last modified 8 years ago
#12226 closed defect
Prevent granting permission that differs from a defined action by case only — at Version 1
| Reported by: | Ryan J Ollos | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | 1.2 |
| Component: | general | Version: | |
| Severity: | normal | Keywords: | permission |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description (last modified by )
The following issue was reported in gmessage:trac-users:vKI_MDGL-Fs/ecyzUJLqBAAJ. The user had granted TRAC_Admin to a user, and when attempting to grant TRAC_ADMIN, the system replied that the user already had TRAC_ADMIN. I haven't tried to reproduce yet with MySQL.
It would seem that the most straightforward way to avoid confusion would be to prevent users from adding a permissions group that differs from a defined action only by case. Further, to handle the scenario in which a component is enabled after a permission is granted we should provide a more accurate error message, showing the actual casing of the permission that has already been granted.
Note:
See TracTickets
for help on using tickets.
