-
Bug
-
Resolution: Fixed
-
Major
-
None
-
Debian 5.0 (lenny), Hudson ver. 1.358 with LDAP
1. First of all going to /me/my-views/view/All/ user see all menu items which shouldn't see, like: New Job, Manage Hudson, People, Build History, Delete View, My Views
2. Then clicking on 'Delete View'
3. Choose Yes on question: 'Are you sure about deleting the view?'
Then you will see following error:
Status Code: 500
Backtrace:
Exception:
Stacktrace:
java.lang.IllegalStateException
at hudson.model.MyViewsProperty.deleteView(MyViewsProperty.java:118)
at hudson.model.View.doDoDelete(View.java:593)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
root cause for extra links:
sidepanel.jelly is checking permissions for which links to show.. "it" here a view whose getOwner() is a MyViewsProperty and getACL is based on the User object.. A user has full permission of its own object, so the view page incorrectly shows every possible link.
root cause for delete failure:
need to hide the "delete view" link when "my-views" has only ONE view (can't delete the last one).