View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0021654 | mantisbt | code cleanup | public | 2016-08-28 15:34 | 2017-10-08 23:53 |
Reporter | cproensa | Assigned To | cproensa | ||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Product Version | 1.3.2 | ||||
Target Version | 2.7.0 | Fixed in Version | 2.7.0 | ||
Summary | 0021654: Deprecate access_has_any_project() | ||||
Description | As a follow up of 0014268, as discussed in PR https://github.com/mantisbt/mantisbt/pull/861 The function access_has_any_project() is at risk of not functioning correctly, as probably, to check an access level on several projects, the config option has to be evaluated for each individual project. The new function introduced in said PR, access_has_any_project_level(), can account for each project configuration, and should be used instead access_has_any_project(). Being a function that have existed for a long time in core api, the proposal is to replace all usages with the new equivalent, and mark it as deprecated to show a warning in case any external code is using it. usages: I report this to be a separated task from that PR, because there are more changes to be done, as some of that code is operating incorrectly on thresholds assuming they are integer values (they can also be arrays). | ||||
Tags | No tags attached. | ||||
MantisBT: master 1c436505 2017-08-19 07:50 Committer: dregad Details Diff |
Deprecate access_has_any_project() This function may mislead into incorrect validations. Usually you want to check that a user meets a threshold for any project, but that threshold may be configured differently for each project, and the user may also have different access levels in each project due to private projects assignment. In that scenario, $p_access_level can't be a static threshold, but a "threshold identifier" instead, that must be evaluated for each project. Function "access_has_any_project_level()" provides that functionality, also covers the basic usage of this function. For such reasons, this function has been deprecated. Fixes: 0021654 |
Affected Issues 0021654 |
|
mod - core/access_api.php | Diff File |