[$30] Normal users can edit/delete the comments added by others #217
Comments
|
@sdgun - I can't reproduce this. Can you try again please? |
|
@jmgasper This can be reproduced, checked by adding a comment from TCConnCopilot in https://vanilla.topcoder-dev.com/discussion/1777/3rd and then log in as user sdguntcqa(pw-T0pc0der@123) |
jmgasper
changed the title
|
Contest https://www.topcoder.com/challenges/30154852 has been created for this ticket. |
|
@atelomycterus - I checked this in the permissions. |
|
Contest https://www.topcoder.com/challenges/30154852 has been updated - it has been assigned to obog. |
|
@jmgasper yes, you are right. User doesn't have permisisons. I've checked what permisisons loaded: I've found a bug in Vanilla CommentModel canEdit(). |
|
@jmgasper Fixed. please apply PRs: TestingDon't use TonyJ account for testing because this account has several admin roles with Comments.Edit/Comments.Delete permissions. Please test with group members (copilot, member and so on) Vanilla user/Topcoder User: How Vanilla works by defaultThe Edit option is displayed if
The Delete option is displayed if
|
|
Payment task has been updated: https://software.topcoder.com/review/actions/ViewProjectDetails?pid=30154852 |
|
Verified from normal user, copilot, con admin and manager. |
Steps
Log in to forums as a normal user (sdguntcqa)
Go to any available challenge forum discussion added by another user (https://vanilla.topcoder-dev.com/discussion/1751/baze-my-discussion#latest)
Click on ellipsis of a comment from another user
This user can perform edit/delete on it
The text was updated successfully, but these errors were encountered: