Broken project permissions/weird bug with nested projects
Open, Needs TriagePublic
Actions

Assigned To

None

Authored By

	bjshively
	Mar 22 2017, 4:18 PM

Description

Someone on my team has a parent project with several children. Let's call them Parent, Child1, and Child 2.

Parent had a number of members before any child projects were created. Parent has an edit and join policy of "Project Members Only", meaning that someone must add you to the project.

Then, someone started creating child projects. This means that Parent no longer has its own members, members are only able to be added to leaf node projects.

This has an interesting side effect. Anyone that was a member of Parent *before* Child was created is able to edit Parent. Anyone who is only a member of Child (because they cannot be directly added to Parent), is unable to edit Parent, create new Subprojects, etc.

Here are some screenshots demonstrating this weirdness:

Supertest is a member of the "PermissionsTest" parent project, via his membership of the "child permissions project" subproject.

Supertest gets this error when trying to edit "PermissionsTest"

Related Objects

Mentioned In: T12525: amckinley's Onboarding

Event Timeline

bjshively created this task.Mar 22 2017, 4:18 PM

This is probably a one-line fix, but let me repro + get test coverage on it.

WARNING: never mind this was bogus

Actually, that fix is completely bogus and there's no inverse edge type so this is perhaps somewhat more involved.

epriestley mentioned this in T12525: amckinley's Onboarding.Apr 9 2017, 1:46 PM

• pasik added a subscriber: • pasik.May 12 2018, 1:47 PM

Broken project permissions/weird bug with nested projectsOpen, Needs TriagePublicActions

Description

Related Objects

Event Timeline

Broken project permissions/weird bug with nested projects
Open, Needs TriagePublic
Actions