Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-43045

Role name missing in security overview report

    Details

    • Database:
      Any
    • Testing Instructions:
      Hide
      1. Login as an admin
      2. Edit the "Authenticated User" role
      3. Set a capability that carries XSS, Config or Data loss risk to "Allow". For example "moodle/role:manage".
      4. View the security overview report at Site Admin > Reports > Security
      5. You should see a "Critical" risk for "Default Role for all users"
      6. The description should say "The default user role "Authenticated User" is incorrectly defined!"
      Show
      Login as an admin Edit the "Authenticated User" role Set a capability that carries XSS, Config or Data loss risk to "Allow". For example "moodle/role:manage". View the security overview report at Site Admin > Reports > Security You should see a "Critical" risk for "Default Role for all users" The description should say "The default user role "Authenticated User" is incorrectly defined!"
    • Affected Branches:
      MOODLE_24_STABLE, MOODLE_25_STABLE, MOODLE_26_STABLE, MOODLE_27_STABLE
    • Fixed Branches:
      MOODLE_24_STABLE, MOODLE_25_STABLE, MOODLE_26_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      master_MDL-43045

      Description

      Steps to reproduce

      1. Edit the "Authenticated User" role
      2. Set a capability that carries XSS, Config or Data loss risk to "Allow". For example "moodle/role:manage".
      3. View the security overview report at Site Admin > Reports > Security Overview

      What happens

      You will get a Critical issue with "Default role for all users" but the description will say:

      "The default user role "" is incorrectly defined!"

      What should happen

      The description should say "The default user role "Authenticated User" is incorrectly defined!"

      For bonus points, it would be great if the detailed description printed a list of the capabilities that caused the report to fail.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:
                    Fix Release Date:
                    13/Jan/14