"Edit" button appears next to image titles that the user doesn't have permission to edit
Review Request #6747 — Created Jan. 8, 2015 and submitted
Information | |
---|---|
VTL-Developer | |
Review Board | |
master | |
3606 | |
0ee0cd6... | |
Reviewers | |
reviewboard, students | |
Edit button and functionality was given to everyone as the check was not done on the front end. Checking with the model for ReviewRequestEditor was done to ensure edit permissions were allowed.
Testing was done manually with admin, users (people who created the issue, part of the group/issued to, or not part of the group) and visitors.
-
You can remove "Bug Issue 3306" from the title. The generated commit description will contain the bug number.
You should add the
students
group to future reviews.
Summary: |
|
||||
---|---|---|---|---|---|
Groups: |
|
-
-
reviewboard/static/rb/js/views/reviewRequestEditorView.js (Diff revision 1) This should use
this.model.get('editable')
rather than accessing the attributes object directly.
Change Summary:
Adjusted to use Backbone.js implementation
Commit: |
|
||||
---|---|---|---|---|---|
Diff: |
Revision 2 (+1 -1) |

-
Tool: Pyflakes Ignored Files: reviewboard/static/rb/js/views/reviewRequestEditorView.js Tool: PEP8 Style Checker Ignored Files: reviewboard/static/rb/js/views/reviewRequestEditorView.js
-
-
reviewboard/static/rb/js/views/reviewRequestEditorView.js (Diff revision 2) Actually, one last change. It's probably more correct to use
=== true
rather than!== false
(since ifeditable
werenull
orundefined
, we wouldn't want to assume that it was OK to edit).
Change Summary:
New diff
Commit: |
|
||||
---|---|---|---|---|---|
Diff: |
Revision 3 (+1 -1) |