Mantis Bugtracker          
testlink.org

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0008484TestLinkBug Tracking System - Redmine Integrationpublic2018-11-22 12:422018-12-09 22:56
ReporterMathieu R 
Assigned Tofman 
PrioritynormalSeveritymajorReproducibilityalways
StatusclosedResolutionwon't fix 
PlatformbitnamiOSdebianOS Version9.5
Product Version1.9.17 (2018 Q1) 
Fixed in Version 
Summary0008484: Testlink ask for Redmine full list of users which is restricted to admins
DescriptionIn my Testlink installation, when creating issues to Redmine from Testlink, I had errors like:

Create issue feedback
Create REDMINE Ticket FAILURE => redmine::_requesturl:http://www.domain.net/redmine [^] - XRedmineSwitchUser: - response:{"url":"http:\/\/www.domain.net\/redmine\/users.xml?limit=1000","content_type":"application\/xml","http_code":403,"header_size":320,"request_size":173,"filetime":-1,"ssl_verify_result":0,"redirect_count":0,"total_time":0.017807,"namelookup_time":5.4e-5,"connect_time":5.7e-5,"pretransfer_time":0.000299,"size_upload":0,"size_download":0,"speed_download":0,"speed_upload":0,"download_content_length":0,"upload_content_length":-1,"starttransfer_time":0.017776,"redirect_time":0,"redirect_url":"","primary_ip":"XX.YY.ZZ.AA","certinfo":[],"primary_port":80,"local_ip":"192.168.19.33","local_port":44400} - content: "" - serialized issue:s:311:" Issue Executing Step number 5 - Test Case: FD-01: Create Document (FD) Field C01 is not displayed Link to TestLink Execution: https://192.168.19.33/ltx.php?item=exec&feature_id=1&build_id=2256 [^] ";

As you see, Testlink seems trying to get the full list of Redmine users using the API.
I don't know what is the reason for Testlink to get this full list, but I read that this behavior is forbidden in many Redmine installations if the user account do not have administrator rights.

So I tried to create an incident using only the API and curl command to verify that my user account have enough rights to create issues:

curl http://www.domain.net/redmine/projects/projectname/issues.xml [^] -X POST -H 'X-Redmine-API-Key: XZXSX76SQ87687X6QS87X6SQ876XSQ876XSQ7X6Q' -H 'Content-Type: application/xml' -d '<issue><subject>TEST</subject><description>Description</description></issue>'

The previous curl command created an issue successfully.


So I found in the code the function used to get the full Redmine user list, in file third_party/redmine-php-api/lib/redmine-rest-api.php at line 273 in function "getUsers()":

    $items = (array)$this->_get("/users.xml?limit=1000");
    return $items['user'];


So if the full user list is not needed suggest to change this behavior and check only for the existence of the current user, using the following code:

    $items = (array)$this->_get("/users/current.xml");
    return $items['user'];

Here I only changed the address and we only check for the current user details pageu.

Now, with a user that is not a Redmine admin, I can create issues from Testlink.
And this is very useful because the Redmine portal is owned by a third party and I it is difficult to ask them to make modifications on their setup.

But I'm sure there is a reason for getting the full user list, It looks like I miss something ...
Could someone shed some light on this ?
TagsNo tags attached.
Database (MySQL,Postgres,etc)MySQL
Browser
PHP Version
TestCaseID
QA Team - Task Workflow StatusTBD
Attached Files

- Relationships
related to 0007278closedfman Customise Testlink Username to Equal Redmine Username 

-  Notes
(0028265)
fman (administrator)
2018-11-24 09:00

Advice:
always remove status filter (hide closed by default) and do search that can provide you the info.

give a look here: 0007278
(0028271)
Mathieu R (reporter)
2018-11-26 10:43

Ok, very interesting, I did not saw this one.
This case looks a bit different as I was unable to create a Redmine incident from Testlink before modifying how the user list is retrieved.
Maybe it is a specific settings in the Redmine installation I have to connect to.

- Issue History
Date Modified Username Field Change
2018-11-22 12:42 Mathieu R New Issue
2018-11-24 09:00 fman Note Added: 0028265
2018-11-24 09:00 fman Relationship added related to 0007278
2018-11-24 09:01 fman Assigned To => fman
2018-11-24 09:01 fman Status new => feedback
2018-11-26 10:43 Mathieu R Note Added: 0028271
2018-11-26 10:43 Mathieu R Status feedback => assigned
2018-12-09 22:56 fman QA Team - Task Workflow Status => TBD
2018-12-09 22:56 fman Status assigned => closed
2018-12-09 22:56 fman Resolution open => won't fix



Copyright © 2000 - 2018 MantisBT Team
Powered by Mantis Bugtracker