request #8219 Field with no permission should not be visible in tracker structure

Infos

Artifact ID#8219

Submitted byJoris MASSON (jmasson)

Last Modified On2015-10-09 17:11

Submitted on2015-07-09 12:30

Rank8241

Details

Summary *

Field with no permission should not be visible in tracker structure

Original Submission

Given a tracker with a field that nobody has permission to read
When I GET /v1/trackers/{id}
Then the "structure" object should not contain fields I don't have permission to read.

In the attached json file, you'll see an example of the result of a GET /v1/trackers/{id} where the problem is visible. The user I used to make the request does not have permission to read the field with id 1385. It is not present in the "values" array, as expected but it is present in the "structure" object when it should not.

CategoryAPI

Reported in versiondevelopment

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toEmpty

StatusUnder review

Close dateEmpty

Attachments

By Joris MASSON (jmasson)

(12 kB)

tracker_structure.json

Example tracker structure.

References

Cross references

Show items referenced by request #8219

Referenced by request #8219

Other

gerrit #4224

Follow-ups

Yannis ROSSETTO (rossettoy)

2015-10-09 17:11

A new patch is under review: gerrit #4224

Joris MASSON (jmasson)

2015-07-17 17:22

Summary
-Field with no permission should not be visible in tracker ~~strcture~~
+Field with no permission should not be visible in tracker structure

Yannis ROSSETTO (rossettoy)

2015-07-17 16:23

A patch is under review: gerrit #4224

Status changed from New to Under review

Public

Referenced by request #8219

Other

Follow-ups