there's a minor bug in project_issue_access() (issue.inc, revision 1.102.2.6, ~line 470) which causes the "access own project issues" permission to be broken. the code is checking if the node's uid matches $user->uid. however, this funciton is not declaring "global $user", so the $user object is unset and the $user->uid never matches $node->uid. a trivial patch (1 line diff) to fix this bug is attached.

thanks,
-derek

CommentFileSizeAuthor
project_issue_access-global_user.patch584 bytesdww

Comments

dww’s picture

dww
we/he/they
commented

FYI: i just checked and the above patch applies cleanly to revision 1.143 of issue.inc on the HEAD of cvs.

nedjo’s picture

nedjo
he/him/his
Primary language English
commented
Version: 4.6.x-1.x-dev » x.y.z
Status: Needs review » Fixed

Thanks, applied to HEAD. No one to my knowledge is currently doing more than the absolutely essential on 4.6.

dww’s picture

dww
we/he/they
commented

No one to my knowledge is currently doing more than the absolutely essential on 4.6.

and a 1-line fix to allow one of the permissions to work isn't "essential"? ;)

i'd just apply it to 4.6, too... but you're the maintainer. if you think it's better to leave it broken, that's your decision. you're the one(s) who will have to answer any support issues that come in as a result of this, not me. ;)

thanks,
-derek

nedjo’s picture

nedjo
he/him/his
Primary language English
commented

I'm not the project maintainer. I'm a community volunteer spending some time on it. This isn't an us vs. them kinda thing. You've contributed a patch, one that was accepted and applied (in under three hours). That makes you a contributor to the project. Welcome. Thanks for your contribution. I'm letting you know as a matter of courtesy that (a) I personally don't have the free time to do much on the 4.6 branch, and (b) I don't know of anyone else who does either. It's not that it wouldn't be nice to do--just that there are too many other competing needs. If you do have the time to do so, and have CVS access or want to apply for it (likely you'd need to be taking on more than the occasional patch to be approved), I'd really appreciate your contribution.

dww’s picture

dww
we/he/they
commented

sorry, didn't at all mean to be "us" vs. "them" about it. my apologies.

no, i don't (yet) have cvs access. i didn't think that was given out except to people maintaining their own modules, or the blessed core developers of core drupal. ;) i'd be more than happy to fix this myself, if given the chance.

thanks for the note, and once again, i didn't mean any offense...

-derek

nedjo’s picture

nedjo
he/him/his
Primary language English
commented

No prob. You're right, you do need to be maintaing a project to get CVS access. But contributing fixes and improvements to existing modules as you're doing is a fine start.

I've applied this to 4.6.

Anonymous’s picture

(not verified) commented
Status: Fixed » Closed (fixed)