Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Fix request #33003 Artifact link value in webhook must not check permissions

Download Browse

Given an artifact updated that have at lease one artifact link non readable by the current user, then this link information is not provided in the webhook payload. All the artifact content must be sent in the webhook payload without checking permissions. How to test ----------- * Go to an artifact as a user that cannot see at least one artifact link * Enable webhooks for this tracker * Edit the artifact with the user that cannot see at least one artifact link => The webhook payload sent must have all the link informations. Change-Id: I0e2ff0757507678c67c246cc0e1dc9998ad4edef

+18 −6
Yannis ROSSETTO (rossettoy) 2023-07-11 17:14
Yannis ROSSETTO (rossettoy) 2023-07-12 09:17
64ba81935ac31c4fe5f51c4037d7cab8dcfd0a19
6b94773909060c27dcc4fc28c0d67ddd7bb5a55d
git #tuleap/stable/64ba81935ac31c4fe5f51c4037d7cab8dcfd0a19

Modified Files

Side by side diff
Inline diff
Name
M plugins/tracker/include/REST/Artifact/Changeset/ChangesetRepresentationBuilder.php +6 −2 Go to diff View file
M plugins/tracker/tests/unit/REST/Artifact/Changeset/ChangesetRepresentationBuilderTest.php +12 −4 Go to diff View file