-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Context checkboxes ignored for traverse permissions #3579
Comments
Hartmnt
added
acl
Everything related to access-control-lists (permission management)
bug
A bug (error) in the software
labels
Jun 2, 2024
Hartmnt
added a commit
to Hartmnt/mumble
that referenced
this issue
Jul 17, 2024
Previously, both the traverse and write ACL would be evaluated without taking the "in this channel" and "in sub-channels" context options into account. This would lead to denying traverse for channels that were actually supposed to be traversable. This commit refactors the ACL calculation for readability and makes sure the write and traverse checks are actually taking the context into account. Fixes mumble-voip#3579
Note: Only 3) and 4) are unexpected. Revoking traverse on any parent channel is supposed to make all child channels inaccessible even if the denied traverse ACL does not explicitly "propagate" down. |
Hartmnt
added a commit
to Hartmnt/mumble
that referenced
this issue
Sep 22, 2024
Previously, both the traverse and write ACL would be evaluated without taking the "in this channel" and "in sub-channels" context options into account. This would lead to denying traverse for channels that were actually supposed to be traversable. This commit refactors the ACL calculation for readability and makes sure the write and traverse checks are actually taking the context into account. Fixes mumble-voip#3579
Hartmnt
added a commit
to Hartmnt/mumble
that referenced
this issue
Oct 1, 2024
Previously, both the traverse and write ACL would be evaluated without taking the "in this channel" and "in sub-channels" context options into account. This would lead to denying traverse for channels that were actually supposed to be traversable. This commit refactors the ACL calculation for readability and makes sure the write and traverse checks are actually taking the context into account. Fixes mumble-voip#3579
Hartmnt
added a commit
to Hartmnt/mumble
that referenced
this issue
Oct 14, 2024
Previously, both the traverse and write ACL would be evaluated without taking the "in this channel" and "in sub-channels" context options into account. This would lead to denying traverse for channels that were actually supposed to be traversable. This commit refactors the ACL calculation for readability and makes sure the write and traverse checks are actually taking the context into account. Fixes mumble-voip#3579
Hartmnt
added a commit
to Hartmnt/mumble
that referenced
this issue
Oct 14, 2024
Previously, both the traverse and write ACL would be evaluated without taking the "in this channel" and "in sub-channels" context options into account. This would lead to denying traverse for channels that were actually supposed to be traversable. This commit refactors the ACL calculation for readability and makes sure the write and traverse checks are actually taking the context into account. Fixes mumble-voip#3579
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Steps to reproduce:
@all -traverse
on some channel (also add-write
if not already set by default)Applies to this channel
(keepApplies to sub-channels
ticked)Applies to sub-channels
as wellThe checkboxes should either be disabled when traverse is denied or be properly handled.
Looking at the code responsible for permission checking, I do not see any particular reason why this special case exists (i.e. why not just use
granted & Traverse
/granted & Write
?), so I'd strongly prefer the latter option.mumble/src/ACL.cpp
Lines 87 to 94 in 17cdab7
The text was updated successfully, but these errors were encountered: