When a person without sufficient rights visits [[Special:Log/suppress]], it should give an appropriate error message. Simply showing all logs is bad error handling.
Version: unspecified
Severity: enhancement
When a person without sufficient rights visits [[Special:Log/suppress]], it should give an appropriate error message. Simply showing all logs is bad error handling.
Version: unspecified
Severity: enhancement
mike.lifeguard+bugs wrote:
(In reply to comment #0)
When a person without sufficient rights visits [[Special:Log/suppress]], it
should give an appropriate error message. Simply showing all logs is bad error
handling.
Presumably the corollary of that is that on Special:Log/suppress we should show as much info as possible (since anyone who can see the suppress log can also see the content that was hidden or whatever) -- see bug 18335.
FT2.wiki wrote:
The supppress log itself is not public or admin visible -- for reference, the old oversight log used to be public then had to be made private too, similar reasons long ago covered.
So a non-oversighter should probably get a message saying they don't have access to this log, as per suggestion.
Change 74580 had a related patch set uploaded by Legoktm:
If a user does not have permission to view a log type, throw a PermissionsError
Change 74580 merged by jenkins-bot:
If a user does not have permission to view a log type, throw a PermissionsError