This project is read-only.

Non-Authentication Bypasses Rules

Topics: General
Feb 29, 2012 at 9:00 PM

I made a rule to have an e-mail notification sent whenever a comment is left.  I noticed that as long as I was logged in (as admin), then the rule would execute successfully as I left comments.  But when I logged out, and then left a comment, the rule would not execute. 

It is a reapetable problem: I can toggle between successful rule executions (of my comment notification) simply by logging in or logging out.  So is this a bug, or did I miss something?

Feb 29, 2012 at 9:52 PM

That's a bug, I just fixed it. Not yet online, thanks

Feb 29, 2012 at 9:58 PM

Thanks, you are awesome.

BTW, I don't know the policy of how bug fixes are deployed.  Is it policy that all bug fixes always wait until the next release (in this case 1.4.0), or does the currently available release (e.g. 1.3.10) sometimes get altered?

Mar 1, 2012 at 5:34 PM

We alter previous and current version for security fixes. We did this for instance on 1.3.9 -> 1.3.10.

We fixed two bugs 1 hour before releasing 1.4 yesterday. Yours and another one.