Opened 9 years ago
Last modified 8 years ago
#12226 closed defect
Prevent granting permission that differs from a defined action by case only — at Version 1
Reported by: | Ryan J Ollos | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | 1.2 |
Component: | general | Version: | |
Severity: | normal | Keywords: | permission |
Cc: | Branch: | ||
Release Notes: | |||
API Changes: | |||
Internal Changes: |
Description (last modified by )
The following issue was reported in gmessage:trac-users:vKI_MDGL-Fs/ecyzUJLqBAAJ. The user had granted TRAC_Admin
to a user, and when attempting to grant TRAC_ADMIN
, the system replied that the user already had TRAC_ADMIN
. I haven't tried to reproduce yet with MySQL.
It would seem that the most straightforward way to avoid confusion would be to prevent users from adding a permissions group that differs from a defined action only by case. Further, to handle the scenario in which a component is enabled after a permission is granted we should provide a more accurate error message, showing the actual casing of the permission that has already been granted.