Mahara

wysiwyg tinymce showing on logged out pages if config 'wysiwyg' is set to 'enable'

Bug #1460850 reported by Robert Lyon on 2015-06-01

This bug affects 3 people

	Status	Importance	Assigned to	Milestone
Mahara	Fix Released	High	Robert Lyon	Mahara 15.10.0
15.04	Fix Released	High	Unassigned	Mahara 15.04.2
15.10	Fix Released	Undecided	Unassigned

Bug Description

Logged out users should not be allowed to use the wysiwyg editor when leaving feedback - this is due to them not allowed to upload images etc.

When the 'Administration' -> 'Configure site' -> 'General settings' field for 'HTML editor' is set to 'enable' the wysiwyg is shown when logged out.

This is due to the is_html_editor_enabled() function not being robust enough.

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2015-06-01: A patch has been submitted for review

Patch for "master" branch: https://reviews.mahara.org/4812

Revision history for this message

Robert Lyon (robertl-9) wrote on 2015-06-01:

To test:

1) Set the 'Administration' -> 'Configure site' -> 'General settings' field for 'HTML editor' to 'enable'
2) View a page with secret url when logged out

- before patch you should see:

in 15.10 - the right corner of the editor
in 15.04 - the editor

Or you can check both by seeing if this line is in source code: var editor_to_focus;

- after patch you should not see the editor and the line should not exist in source code

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2015-06-04: A change has been merged

Reviewed: https://reviews.mahara.org/4812
Committed: https://git.nzoss.org.nz/mahara/mahara/commit/962c9c48ad5d2c1e7413807c3bbc75de1a9c4c5b
Submitter: Son Nguyen (<email address hidden>)
Branch: master

commit 962c9c48ad5d2c1e7413807c3bbc75de1a9c4c5b
Author: Robert Lyon <email address hidden>
Date: Tue Jun 2 11:40:26 2015 +1200

Making sure user is logged in before they can see the tinymce

Bug 1460850

As we shouldn't be able to see/use it if we are anonymous user

Change-Id: I1e454bcbd17667c88650360cee82069801e7c36b
Signed-off-by: Robert Lyon <email address hidden>

Aaron Wells (u-aaronw) on 2015-07-08

Changed in mahara:
status:	In Progress → Fix Committed

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2015-07-08: A patch has been submitted for review

Patch for "15.04_STABLE" branch: https://reviews.mahara.org/4932

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2015-07-08: A change has been merged

Reviewed: https://reviews.mahara.org/4932
Committed: https://git.nzoss.org.nz/mahara/mahara/commit/f7fc0f90cb4738d02485d819fc29239d780c035e
Submitter: Robert Lyon (<email address hidden>)
Branch: 15.04_STABLE

commit f7fc0f90cb4738d02485d819fc29239d780c035e
Author: Robert Lyon <email address hidden>
Date: Tue Jun 2 11:40:26 2015 +1200

Making sure user is logged in before they can see the tinymce

Bug 1460850

As we shouldn't be able to see/use it if we are anonymous user

Change-Id: I1e454bcbd17667c88650360cee82069801e7c36b
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit 962c9c48ad5d2c1e7413807c3bbc75de1a9c4c5b)

Robert Lyon (robertl-9) on 2016-11-06

Changed in mahara:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.