Forbidden error when viewing a milestone with private bugs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Fix Released
|
Medium
|
Christian Reis |
Bug Description
When I try to view the following URL, I get a forbidden error:
https:/
The end of the traceback reads as follows:
* Module zope.tales.tales, line 698, in evaluate
return expression(self)
/
Line 38, Column 4
Expression: <PathExpr standard:
- Names:
* Module zope.tales.
return self._eval(
* Module zope.tales.
return ob()
* Module zope.app.
return self.index(*args, **kw)
* Module zope.app.
return self.im_
* Module zope.app.
sourceAnn
* Module zope.pagetempla
strictins
* Module zope.tal.
self.
* Module zope.tal.
handlers[
* Module zope.tal.
text = self.engine.
* Module zope.app.
text = self.evaluate(expr)
* Module zope.tales.tales, line 698, in evaluate
return expression(self)
/
Line 2, Column 0
Expression: <PathExpr standard:
- Names:
* Module zope.tales.
return self._eval(
* Module zope.tales.
ob = self._subexprs[
* Module zope.tales.
ob = self._traverser(ob, element, econtext)
* Module zope.app.
request=
* Module zope.app.
curr = traversePathEle
* Module zope.app.
next_item = traversable.
* Module zope.app.
attr = getattr(subject, name, _marker)
_
Unauthorized: ('status', 'launchpad.View')
I am guessing that a private bug that I am not subscribed to is targetted at the milestone, which causes the Unauthorized exception when trying to read the details of that bug.
A simple fix would be to add tal:condition=
Changed in malone: | |
status: | Unconfirmed → Confirmed |
Changed in malone: | |
assignee: | nobody → kiko |
Changed in malone: | |
status: | Fix Committed → Fix Released |
Got the same problem with a different attribute. The URL accessed was:
https:/ /launchpad. net/products/ launchpad- upload- and-queue/ +bug/29645/ +index
I got a Forbidden error (Not allowed here), and the backtrace tail was:
* Module zope.app. traversing. adapters, line 114, in traverse ment(curr, name, path, request=request) traversing. adapters, line 167, in traversePathElement traverse( nm, further_path) launchpad. webapp. tales, line 553, in traverse launchpad. webapp. tales, line 584, in pagetitle launchpad. pagetitles, line 51, in __call__
curr = traversePathEle
* Module zope.app.
next_item = traversable.
* Module canonical.
return self.pagetitle()
* Module canonical.
title = titleobj(context, view)
* Module canonical.
return smartquote('Bug #%d in %s: "%s"') % (
Unauthorized: ('targetname', 'launchpad.View')