mirror of
https://github.com/opf/openproject.git
synced 2026-06-14 03:30:14 +00:00
Christophe Bliard
d8f0788850
Attribute `enabled` can not be used dynamically to control if a permission is available or not. Because enabled permissions is cached at in a class instance variable, this can fails in a multi-tenant architecture. For instance if the lambda reads a feature flag, the permission will be enabled depending on the feature flag of a tenant. Other tenants having a different value for this feature flag will get an unexpected behavior. That the origin of the bug https://community.openproject.org/wp/56064 So from now on, `enabled` is no longer a `Permission` initialization parameter and is always initialized to `true`. It can be turned off at boot time (for instance when using `OPENPROJECT_ENABLED_MODULES`). It must not change during runtime. Visibility in administration is now controlled with a new variable named `visible`. The two permissions previsouly relying on `enabled` proc, `:create_backup` and `introspection`, are now using `visible` instead.