Project

General

Profile

Bug #851

Settings & Requests Controls Mistakenly Visible

Added by Anonymous over 8 years ago. Updated about 8 years ago.

Status:
Confirmed
Priority:
Elevated
Assignee:
-
Category:
Groups
Target version:
-
Start date:
05/27/2009
Due date:
% Done:

0%

QA Check:
Feature Branch:

Description

Where: testing at we.riseup.net (August 17th, 2009).

Summary: The controls 'settings' and 'requests' for managing a committee (or a coordinating council) are exposed to users that do not permission to use these controls.

Details: A user can visit the public profile of a committee (or a coordinating council) and IF council membership is set to be publicly visible, then visiting user is also provided 'settings' and 'requests' controls (however these controls are non-functional). Note: this is true when user is NOT member of group associated with committee or council.

Example: This public page (https://we.riseup.net/bluestockings+collective) leads to membership list (https://we.riseup.net/groups/memberships/list/bluestockings+collective) where user is offered controls to which user does NOT have permission.

Expected: controls are NOT visible if non-functional.

Original Report: For groups moderated (with a coordinating council). Members not part of the council can still see the send invites and see request links under the members. They can not use them (says permission denied) but we can still see them. Please take them out Thanks!

History

#1 Updated by jeffrey about 8 years ago

  • Subject changed from Groups with a coordinating council to Settings & Requests Controls Mistakenly Visible
  • Status changed from New to Confirmed

Also available in: Atom PDF