Expected submitters links to unauthorized page (tutor view)
Bug #816218 reported by
Matt Giuca
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| IVLE |
Triaged
|
Low
|
Unassigned | ||
Bug Description
The project view shows the following text under "Expected submitters" when there are 0 expected submitters and the user has tutor or lecturer permission:
"There are no students assigned to submit this project. Do you want to enrol some?"
"enrol some" links to the new enrolments page, which the tutor may or may not have access to (depending on configuration). This is NOT a security vulnerability, just a broken link.
It should check whether the user has enrol privileges in this subject, and if not, it should not display the text "Do you want to enrol some?" at all.
To post a comment you must log in.
