© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
I received a share invitation for a folder in ubuntu one, in my registered email (of course :)), and just followed the link. After accepting the share, that was specifically saying that was shared with me, I realized the logged user wasn't me.
I'd expect to have a small check if the current logged user is not the invited user, so it would fail with a forbidden (like Google) or at least ask me if I'm sure of what I'm doing. The ugliest part here is that the accept share page says that the file was shared with the invited user, making me believe I was logged in as such -- this is a lot bigger (black bold text) than the logged in user id in the top right of the page (small red text). I know it's not usual to have more than one person using SSO in the same machine, but, well, that happened. :)
After a conversation with beuno, he explained that this decision of treating shares as consumable tokens was a design one. But I guess we all agree that's not good, so I'm filing this bug. :)