Top Menu

Jump to content
    Global modules

    Global modules

    • Home
    • Projects
    • Activity
    • Work packages
    • Gantt charts
    • Calendars
    • Team planners
    • Boards
    • News
    Home
    Home
Help
    Getting started
    • Introduction video
  • Help and support
    • Upgrade to Enterprise edition
    • User guides
    • Videos
    • Shortcuts
    • Community forum
    • Enterprise support
  • Additional resources
    • Data privacy and security policy
    • Digital accessibility (DE)
    • OpenProject website
    • Security alerts / Newsletter
    • OpenProject blog
    • Release notes
    • Report a bug
    • Development roadmap
    • Add and edit translations
    • API documentation

User menu

Sign in
Forgot your password?

or sign in with your existing account

OpenProject ID Google

Side Menu

Collapse project menu
  • Overview
  • Activity
    Activity
  • Roadmap
  • Work packages
    Work packages
  • Gantt charts
    Gantt charts
  • Calendars
    Calendars
  • Team planners
    Team planners
  • Boards
    Boards
  • News
  • Forums

Content

Expand project menu
General discussion
  1. OpenProject Community
  2. OpenProject
  3. Forums
  4. General discussion
  5. Access rights to "openproject.org"

Access rights to "openproject.org"

Added by Marco Borm almost 11 years ago

I recently checked the openproject release timeline and found some obscure “Clare Frank” item there:
https://www.openproject.org/projects/openproject/timelines/62
https://www.openproject.org/work_packages/16457

I thought it was the result of a hack. After I unfortunately added the release “xyz” myself without a “access denied”, it seams anyone can add any kind of item into this openproject installation. Big sorry for that!

The access rights setup is IMO something to rethink.
https://www.openproject.org/work_packages/16474

Until that, could someone please delete both items? I am not allowed to delete my own item …

Thanks,
Marco


Replies (1)

RE: Access rights to "openproject.org" - Added by Robin Wagner almost 11 years ago

Hello Marco,

thanks for the hint regarding the work packages in the timeline. I deleted both work packages that you referred to.
Currently, registered users have the permission to create work packages in the public projects on openproject.org (but not the permission to delete them).
This way bugs and feature requests can be submitted by the community.
However, as you already noticed this has the unfortunate side effect that also spam can be added which - depending on the type - may be displayed in the timeline.

Your suggestion is valid though. We’ll have a look into possibly limiting the permissions to reduce spam / misleading data.

Best,
Robin

  • (1 - 1/1)
Loading...