MantisBT - TestLink
View Issue Details
0007038  TestLink  Roles  public  2015-03-31 14:57  2015-09-19 08:49
noe 
fman 
normal  major  always
closed  fixed
linux
1.9.13 (2015 #1) 
1.9.14 (2015 Q3) 
postgres
firefox
5.5
READY FOR TESTING
0007038: a user with a global "admin" role can lose his rights on a project
We have a lot of TestLink projects.
Our projects are private and a user is a local "admin" on each project.

The problem for us is that the local "admin" can remove ("no rights") the global admin from his project.
Then, our global "admin" has no access to this project.

A user could remove all users with an administration role (assign user...) from his project. Then we need to correct this by accessing the database directly.

In Mantis the global role "admin" is specific, and has access to all projects.
- login as a local admin of a project
- assign a global admin user to "no rights" on a project
- login as this global admin user
- he has no access to this project
No tags attached.
related to 0007039  closed  fman  Global Admin role will not be demoted/changed on test project or test plan
child of 0006830  closed  fman  Availables hot-fixes for 1.9.13 & How To get full fixed package from GitHub
Issue History
2015-03-31 14:57  noe  New Issue
2015-03-31 21:30  fman  Note Added: 0023014
2015-03-31 21:31  fman  Note Edited: 0023014  bug_revision_view_page.php?bugnote_id=23014#r4297
2015-03-31 21:32  fman  Note View State: 0023014: public
2015-03-31 21:35  fman  Note Edited: 0023014  bug_revision_view_page.php?bugnote_id=23014#r4298
2015-04-01 16:21  noe  Note Added: 0023018
2015-04-01 17:57  fman  Note Added: 0023019
2015-04-01 18:46  fman  Issue cloned: 0007039
2015-04-01 18:46  fman  Relationship added: related to 0007039
2015-04-01 19:42  fman  QA Team - Task Workflow Status: => READY FOR TESTING
2015-04-01 19:42  fman  Status: new => resolved
2015-04-01 19:42  fman  Fixed in Version: => 1.9.14 (2015 Q3)
2015-04-01 19:42  fman  Resolution: open => fixed
2015-04-01 19:42  fman  Assigned To: => fman
2015-04-01 19:42  fman  Relationship added: child of 0006830
2015-04-02 08:47  noe  Note Added: 0023023
2015-09-19 08:49  fman  Note Added: 0023964
2015-09-19 08:49  fman  Status: resolved => closed

Notes
(0023014)
fman   
2015-03-31 21:30   
(edited on: 2015-03-31 21:35)
1) Using admin defined at test project level is not (IMHO) a good practice. I'm going to try to block this kind of config.

2) How Mantis works is a choice made by the Mantis dev team; this does not mean that the same approach can be or must be used by TestLink.

3) This is not a bug (IMHO); it is a valid (but not coherent) way to configure.

4) Express your requirement as a FEATURE REQUEST, not as a bug => needs a different subject.

5) You have a workaround: (a) do not use admin (SPECIFIC) on test project anymore,
(b) tell people not to touch the global admin.

An option can be that the global admin role can not be modified at test project or test plan level.

(0023018)
noe   
2015-04-01 16:21   
Your option:
"the global admin role can not be modified at test project or test plan level"
would be fine for us.
(0023019)
fman   
2015-04-01 17:57   
OK, are you considering any kind of contribution to TestLink?
(0023023)
noe   
2015-04-02 08:47   
I'm working for a French Ministry; sorry, but I'm afraid that my contribution is limited to taking part in TestLink evolution and documentation.
(0023964)
fman   
2015-09-19 08:49   
1.9.14 Padawan - released - 2015-09-19
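
The option discussed in the notes above (the global admin role can not be modified at test project level), sketched as a small role model. This is an added example, not part of the original thread and not TestLink code; the class, its method names, and the sample users and projects are hypothetical, and only the project level is modelled.

```python
# Added illustration: a minimal role model, not TestLink's implementation.
ADMIN = "admin"
NO_RIGHTS = "no rights"

class RoleStore:
    def __init__(self):
        self.global_roles = {}    # user -> global role
        self.project_roles = {}   # (user, project) -> role set at project level

    def effective_role_reported(self, user, project):
        """Behaviour reported in the issue: a project-level role always wins."""
        return self.project_roles.get((user, project), self.global_roles[user])

    def effective_role_fixed(self, user, project):
        """Proposed option: a global admin is never demoted by a project role."""
        if self.global_roles[user] == ADMIN:
            return ADMIN
        return self.project_roles.get((user, project), self.global_roles[user])

    def assign_project_role(self, actor, target, project, role):
        """Write-side guard: refuse project-level changes to a global admin."""
        if self.effective_role_fixed(actor, project) != ADMIN:
            raise PermissionError(f"{actor} is not an admin on {project}")
        if self.global_roles[target] == ADMIN:
            raise PermissionError(f"{target} is a global admin; role is fixed")
        self.project_roles[(target, project)] = role

    def demoted_global_admins(self):
        """Audit existing data: project rows that override a global admin."""
        return sorted((u, p, r) for (u, p), r in self.project_roles.items()
                      if self.global_roles[u] == ADMIN and r != ADMIN)

def build_sample():
    # Constructed sample data: user and project names are hypothetical.
    s = RoleStore()
    s.global_roles = {"root": ADMIN, "alice": "tester", "bob": "tester"}
    s.project_roles = {("alice", "P1"): ADMIN,       # local admin of P1
                       ("root", "P1"): NO_RIGHTS}    # row left by the reported steps
    return s
```

The read-side check covers rows already stored by the reported steps, the write-side guard stops new ones, and `demoted_global_admins()` lists the existing overrides that would otherwise need a manual database correction.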