Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-43045

Role name missing in security overview report

    XMLWordPrintable

Details

    • Any
    • MOODLE_24_STABLE, MOODLE_25_STABLE, MOODLE_26_STABLE, MOODLE_27_STABLE
    • MOODLE_24_STABLE, MOODLE_25_STABLE, MOODLE_26_STABLE
    • master_MDL-43045
    • Hide
      1. Login as an admin
      2. Edit the "Authenticated User" role
      3. Set a capability that carries XSS, Config or Data loss risk to "Allow". For example "moodle/role:manage".
      4. View the security overview report at Site Admin > Reports > Security
      5. You should see a "Critical" risk for "Default Role for all users"
      6. The description should say "The default user role "Authenticated User" is incorrectly defined!"
      Show
      Login as an admin Edit the "Authenticated User" role Set a capability that carries XSS, Config or Data loss risk to "Allow". For example "moodle/role:manage". View the security overview report at Site Admin > Reports > Security You should see a "Critical" risk for "Default Role for all users" The description should say "The default user role "Authenticated User" is incorrectly defined!"

    Description

      Steps to reproduce

      1. Edit the "Authenticated User" role
      2. Set a capability that carries XSS, Config or Data loss risk to "Allow". For example "moodle/role:manage".
      3. View the security overview report at Site Admin > Reports > Security Overview

      What happens

      You will get a Critical issue with "Default role for all users" but the description will say:

      "The default user role "" is incorrectly defined!"

      What should happen

      The description should say "The default user role "Authenticated User" is incorrectly defined!"

      For bonus points, it would be great if the detailed description printed a list of the capabilities that caused the report to fail.

      Attachments

        Issue Links

          Activity

            People

              simoncoggins Simon Coggins
              simoncoggins Simon Coggins
              Rajesh Taneja Rajesh Taneja
              Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
              Sam Hemelryk Sam Hemelryk
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Clockify

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.