here is a errorcode
Code: Select all
Started GET "/users.xml?limit=1000" for "IP" at 2018-11-09 16:29:34 +0300
Processing by UsersController#index as XML
Parameters: {"limit"=>"1000"}
Current user: testlink (id=255)
Filter chain halted as :require_admin rendered or redirected
Completed 403 Forbidden in 14ms (ActiveRecord: 2.5ms)we dont want mark "testlink_user" in redmine as admin.
#1 http://www.redmine.org/projects/redmine ... ersonation
but we can create issue in redmine by "testlink_user" apikey without admin rights and used this method from redmine.
#2 http://www.redmine.org/projects/redmine ... g-an-issue
I tried to find in testlink sources and found redmine-rest-api.php
there i just found the method which confirms "testlink user" in users.xml
administrative access for infrastucture account is a security risk.
- can u approve its just using users.xml to find "testlink_user" and there is no hidden possibilities.
- can u tell us how to switch #1 to #2 method if its possible.