Submitted by : simon at: 2003-10-26T21:31:31+00:00 (14 years ago)
Name :
Category : Severity : Status :
Optional subject :  
Optional comment :

(::-quoted to escape angle brackets, space-before-dtml to escape that):

 Date: Mon, 17 Dec 2001 01:19:28 +0200
 From: Heimo Laukkanen <huima@fountainpark.org>
 Subject: standard zwiki footer

 I noticed a bug in this file.

 Near edit this page

 is < dtml-if "AUTHENTICATED_USER.has_permission('Change ZWiki
 Pages',this())">

 It is supposed to make 'edit this page' visible only with that
 permission - but the link itself is not inside that if-clause. Small
 mistake but made it possible to go to the edit-page without the proper
 permission.

 -huima


Simon Michael <simon@joyful.com>, 2002/02/08 13:01 US/Pacific (via mail):
Heimo Laukkanen <huima@fountainpark.org> writes:
> I noticed a bug in this file.

Thanks! I forwarded your bug report to the tracker (http://zwiki.org/IssueNo0075) and will post any additional followups there. You can subscribe there if you like.

Originally, it disabled the edit link entirely. It was changed to allow you to go into the editform and view the page source, even though you won't be allowed to actually save changes. Perhaps this needs to be reviewed for clarity.


simon, 2002/02/08 13:05 US/Pacific (via web):
cf IssueNo0071?


Simon, 2002/03/19 00:07 GMT (via web):
Merged into IssueNo0071?