How to disable direct access of test case via direct link?

LATEST Official version.
Questions and discussions - NO ISSUES
FOR ISSUES => http://mantis.testlink.org

Moderators: Amaradana, TurboPT, TL Developers

Post Reply
ericli
TestLink user
Posts: 1
Joined: Thu Jul 19, 2012 9:34 pm

How to disable direct access of test case via direct link?

Post by ericli »

Dear All,

Find a issue that a registered user can access a test case of test project which he is not authorized by using the direct test case access link.

This issue is found in v1.9.3. Once user know the test case direct link of other projects, he can simply access all test suites of this particular test project.

This issue bring us security problem. Can anyone advise how to disable such direct access or alternative solution?

Thanks.

Eric Lee
Top
fman
Member of TestLink Community
Posts: 3123
Joined: Tue Nov 15, 2005 7:19 am

Re: How to disable direct access of test case via direct lin

Post by fman »

Because this is an issue => please report it on Mantis.
Do some searchs on mantis to understand if this has been solved (i.e. a patch/fix exists)
Meanwhile to disable this only choice is edit code
Top
Post Reply

Return to “TestLink 1.9”