Bug #38481 Role selection on User Management page is broken
Submitted: 31 Jul 2008 9:44 Modified: 1 Jan 2011 17:45
Reporter: Ingo van Lil Email Updates:
Status: Won't fix Impact on me:
None 
Category:Eventum Severity:S3 (Non-critical)
Version:2.1.1 OS:Any
Assigned to: CPU Architecture:Any
Tags: Manage, role, users

[31 Jul 2008 9:44] Ingo van Lil 
Description:
The logic for determining the list of available roles per project in the Eventum user management page is broken: In manage/users.php the "excluded_roles" array is pre-initialized to a reasonable value before entering the project loop, but then overwritten inside the loop whenever the subject user is either Aministrator or Customer in a project.

If I understand the intention of the code correctly, the "excluded_roles" array should be assembled as follows:

- The "Customer" option should be available only for users that already have that particular role. Converting non-Customer users to Customer leads to problems because the usr_customer_id field in the eventum_user table is NULL.

- The "Administrator" option should be available only for users that already have that particular role or, if the logged in user is administrator, for all users.

How to repeat:
Go to the Manage User page and edit a user who has the "Administrator" role in at least one project. The "Customer" option will be available in all subsequent projects.

Suggested fix:
Rebuild the "excluded_roles" array in every iteration of the project loop. See attached patch.
[31 Jul 2008 9:45] Ingo van Lil 
Suggested bugfix.

Attachment: eventum-manage-users.patch (text/x-patch), 1.60 KiB.
[1 Jan 2011 17:45] Valeriy Kravchuk 
As Oracle no longer sponsors or coordinates active development of the Eventum software, interested parties should report bugs at https://bugs.launchpad.net/eventum