Mercurial > p > roundup > code

diff CHANGES.txt @ 5274:07da34337f70

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
html/query.item.html was missing checks to verify that a query should be visible to the user. This is fixed and users can only view queries that they own or that are not private.
author John Rouillard <rouilj@ieee.org>
date Sat, 23 Sep 2017 22:00:22 -0400
parents 1bd252244501
children 6b87c06e0e0c
line wrap: on
line diff
--- a/CHANGES.txt	Sat Sep 23 21:29:22 2017 -0400
+++ b/CHANGES.txt	Sat Sep 23 22:00:22 2017 -0400
@@ -457,6 +457,9 @@
 - CSRF protection broke the retire function for query edit. Fix
   javascript and make sure csrf tokens are provided in the right
   places. (John Rouillard)
+- query.item.html was missing checks to verify that a query should
+  be visible to the user. This is fixed and users can only view
+  queries that they own or that are not private. (John Rouillard)
 
 2016-01-11: 1.5.1
Roundup Issue Tracker: http://roundup-tracker.org/