composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-05-20 15:52:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Security enhancements:

Browse Source 
- ensure that a user can ony see the details of the ticket she/he is allowed to see, even if the id is typed manually
- add a define'd filter to filter the drop-down lists of the search form for searching closed tickets.

SVN:trunk[3027]
This commit is contained in:
Denis Flaven
2013-12-09 11:39:25 +00:00
parent 8509237084
commit d42443697c
6 changed files with 75 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
portal/readme.txt
View File

@@ -19,7 +19,8 @@ PORTAL_VALIDATE_SERVICESUBCATEGORY_QUERY: OQL to check the service again (securi
PORTAL_ALL_PARAMS: parameters that the wizard will kindly propagate through its pages (mixing should not be a problem, default value could be cleaned a little...)
PORTAL_SET_TYPE_FROM: attribute of the class ServiceSubcategory determining the request type
PORTAL_TYPE_TO_CLASS: optional mapping from the request types to ticket classes
PORTAL_TICKETS_SEARCH_CRITERIA: list of search criteria for closed tickets
PORTAL_TICKETS_SEARCH_CRITERIA: comma separated list of search criteria (attcodes) for closed tickets
PORTAL_TICKETS_SEARCH_FILTER_attcode: an OQL query to limit the list of values available in the search form (drop-down list). One define per entry in PORTAL_TICKETS_SEARCH_CRITERIA
Caution: Hardcoded stuff