What steps will reproduce the problem?
1.Make item restricted to a role
2.Have a user with access to the folder but not part of the role search for the
restricted item
3.Have user not part of the role click on the result from the search to
navigate to the item
4.User that is not part of the role can unmask the item
What is the expected output? What do you see instead?
Expected output would be regardless if a user has access to a folder, if they
are not part of the role then they should not be able to view items restricted
to the role.
Instead my test user was able to search and find the restricted item (which is
ok) but they are able to click on the key to navigate directly to the item and
unmask it.
However, if they go directly to the item in the folder (not search) then they
are not able to view it which is the expected result
What version of the product are you using?
Teampass 2.1.3
On what operating system? With what Browser (IEx, FFx, ...)
IE8, FF8
Please provide any additional information below.
I believe the simplest solution would be to just make restricted items not even
show up in the search at all if the user account does not match the rules for
that restriction. Similar to personal folder items. For example, personal
folder items do not show up in search results for other users which perhaps is
how it should be for restricted items.
Original issue reported on code.google.com by hexxamil...@gmail.com on 19 Jan 2012 at 4:38
Original issue reported on code.google.com by
hexxamil...@gmail.com
on 19 Jan 2012 at 4:38