Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-43045

Role name missing in security overview report

XMLWordPrintable

    • Any
    • MOODLE_24_STABLE, MOODLE_25_STABLE, MOODLE_26_STABLE, MOODLE_27_STABLE
    • MOODLE_24_STABLE, MOODLE_25_STABLE, MOODLE_26_STABLE
    • master_MDL-43045
    • Hide
      1. Login as an admin
      2. Edit the "Authenticated User" role
      3. Set a capability that carries XSS, Config or Data loss risk to "Allow". For example "moodle/role:manage".
      4. View the security overview report at Site Admin > Reports > Security
      5. You should see a "Critical" risk for "Default Role for all users"
      6. The description should say "The default user role "Authenticated User" is incorrectly defined!"
      Show
      Login as an admin Edit the "Authenticated User" role Set a capability that carries XSS, Config or Data loss risk to "Allow". For example "moodle/role:manage". View the security overview report at Site Admin > Reports > Security You should see a "Critical" risk for "Default Role for all users" The description should say "The default user role "Authenticated User" is incorrectly defined!"

      Steps to reproduce

      1. Edit the "Authenticated User" role
      2. Set a capability that carries XSS, Config or Data loss risk to "Allow". For example "moodle/role:manage".
      3. View the security overview report at Site Admin > Reports > Security Overview

      What happens

      You will get a Critical issue with "Default role for all users" but the description will say:

      "The default user role "" is incorrectly defined!"

      What should happen

      The description should say "The default user role "Authenticated User" is incorrectly defined!"

      For bonus points, it would be great if the detailed description printed a list of the capabilities that caused the report to fail.

            simoncoggins Simon Coggins
            simoncoggins Simon Coggins
            Rajesh Taneja Rajesh Taneja
            Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
            Sam Hemelryk Sam Hemelryk
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.