Uploaded image for project: 'ONE'
  1. ONE
  2. ONE-38907

WBS Widget - The Box Switcher incorrectly handles permissions if a Box is deep in the hierarchy



    • No
    • Boxes
    • BigPicture, BigGantt
    • JIRA server, JIRA cloud
    • 17
    • 11
    • $i18n.getText("admin.common.words.hide")
      var cfToHide1 = document.getElementById("rowForcustomfield_18501"); if(cfToHide1){cfToHide1.style.display="none";} var cfToHide2 = document.getElementById("rowForcustomfield_18502"); if(cfToHide2){cfToHide2.style.display="none";} var cfToHide3 = document.getElementById("rowForcustomfield_19700"); if(cfToHide3){cfToHide3.style.display="none";} var cfToHide4 = document.getElementById("rowForcustomfield_18400"); if(cfToHide4){cfToHide4.style.display="none";}
    • Sprint 2021/21
    • PI2021/6
    • 5 minutes, 6 seconds
    • 3 hours, 8 minutes, 9 seconds
    • 42 minutes, 51 seconds
    • 22 hours, 1 minute, 44 seconds
    • 14 hours, 6 minutes, 17 seconds
    • 1 day, 4 hours, 13 minutes, 52 seconds
    • 3 weeks, 2 days, 8 hours, 19 minutes, 1 second
    • $i18n.getText("admin.common.words.hide")
      var cfToHide1 = document.getElementById("rowForcustomfield_21302"); if(cfToHide1){cfToHide1.style.display="none";} var cfToHide2 = document.getElementById("rowForcustomfield_19201"); if(cfToHide2){cfToHide2.style.display="none";} var cfToHide3 = document.getElementById("rowForcustomfield_19300"); if(cfToHide3){cfToHide3.style.display="none";} var cfToHide4 = document.getElementById("rowForcustomfield_19301"); if(cfToHide4){cfToHide4.style.display="none";} var cfToHide5 = document.getElementById("rowForcustomfield_19302"); if(cfToHide5){cfToHide5.style.display="none";} var cfToHide6 = document.getElementById("rowForcustomfield_19303"); if(cfToHide6){cfToHide6.style.display="none";} var cfToHide7 = document.getElementById("rowForcustomfield_19204"); if(cfToHide7){cfToHide7.style.display="none";} var cfToHide8 = document.getElementById("rowForcustomfield_19205"); if(cfToHide8){cfToHide8.style.display="none";}


      Create Hierarchy of Boxes, with Program Box as a parent, and 5 "floors" of children with a Box Type of Own Scope type and an inherited permissions (see "permission hierarchy.png"). Add a Box Viewer (boxViewer) user to the Program Box. Add a task to the last Box in the Hierarchy.
      Note: Alternatively, the user can have permissions only to the last Box, if the permission set is not inherited, as long if the Box is deep enough.

      Reproduction steps:

      1. Log in as the Box Viewer of the Program Box (see prerequisites).
      2. Open the Gantt module of the last Box in the hierarchy made in prerequisites.
      3. Open the task made in the prerequisites.
      4. See how the WBS widget loads.

      Actual result:
      The WBS either loads doesn't load at all and displays a blank space, or displays a permission error on the screen: "The WBS is not visible, as you do not have appropriate permissions to view associated Boxes.", and the same message as a warning in the devtools console; even though the user have the correct permission set.

      Expected result:
      WBS loaded for the Box that the user has permission to. 





            pawel.wasiak Paweł Wasiak
            krzysztof.luczak Krzysztof Łuczak
            ewelina.cedro Ewelina Cedro , system.jenkins Jenkins , grzegorz.duzy Grzegorz Duży , anna.kicior Anna Kicior (Inactive) , katarzyna.rajchert Katarzyna Rajchert , system.gerrit Gerrit , krzysztof.luczak Krzysztof Łuczak
            0 Vote for this issue
            2 Start watching this issue