2011-04-13 08:49:22 |
Ursula Junque |
bug |
|
|
added bug |
2011-04-13 08:53:01 |
Ursula Junque |
description |
I received a share invitation for a folder in ubuntu one, in my registered email (of course :)), and just followed the link. After accepting the share, that was specifically saying that was shared with me, I realized the logged user wasn't me.
I'd expect to have a small check if the current logged user is not the invited user, so it would fail with a forbidden (like Google) or at least ask me if I'm sure of what I'm doing. The ugliest part here is that the accept share page says that the file was shared with the invited user, making me believe I was logged in as such -- this is a lot bigger (black bold text) than the logged in user id in the top right of the page (small red text). I know it's not usual to have more than one person using SSO in the same machine, but, well, that happened. :)
After a conversation with beuno, he explained that this decision of treating shares as consumable tokens was a design one. But I guess we all agree that's not good, so I'm filing this bug. :) |
I received a share invitation for a folder in ubuntu one, in my registered email (of course :)), and just followed the link. After accepting the share, that was specifically saying that was shared with me, I realized the logged user wasn't me.
I'd expect to have a small check if the current logged user is not the invited user, so it would fail with a forbidden (like Google) or at least ask me if I'm sure of what I'm doing.
Also, the accept share page says that the file was shared with the invited user (me), if that was correct and displaying me the option to accept it, making me believe I was logged in as such. I mean, I'm not used to check if I'm the logged user every time I decide to do something online. I know it's not usual to have more than one person using SSO in the same machine, but, well, that happened. :)
After a conversation with beuno, he explained that this decision of treating shares as consumable tokens was a design one. But I guess we all agree that's not good, so I'm filing this bug. :) |
|
2011-04-13 08:53:46 |
Ursula Junque |
description |
I received a share invitation for a folder in ubuntu one, in my registered email (of course :)), and just followed the link. After accepting the share, that was specifically saying that was shared with me, I realized the logged user wasn't me.
I'd expect to have a small check if the current logged user is not the invited user, so it would fail with a forbidden (like Google) or at least ask me if I'm sure of what I'm doing.
Also, the accept share page says that the file was shared with the invited user (me), if that was correct and displaying me the option to accept it, making me believe I was logged in as such. I mean, I'm not used to check if I'm the logged user every time I decide to do something online. I know it's not usual to have more than one person using SSO in the same machine, but, well, that happened. :)
After a conversation with beuno, he explained that this decision of treating shares as consumable tokens was a design one. But I guess we all agree that's not good, so I'm filing this bug. :) |
I received a share invitation for a folder in ubuntu one, in my registered email (of course :)), and just followed the link. After accepting the share, that was specifically saying that was shared with me, I realized the logged user wasn't me.
I'd expect to have a small check if the current logged user is not the invited user, so it would fail with a forbidden (like Google) or at least ask me if I'm sure of what I'm doing.
Also, the accept share page says that the file was shared with the invited user (me), asking me to check if that was correct and displaying me the option to accept it, making me believe I was logged in as such. I mean, I'm not used to check if I'm the logged user every time I decide to do something online. I know it's not usual to have more than one person using SSO in the same machine, but, well, that happened. :)
After a conversation with beuno, he explained that this decision of treating shares as consumable tokens was a design one. But I guess we all agree that's not good, so I'm filing this bug. :) |
|
2011-04-13 09:05:21 |
John Lenton |
affects |
ubuntuone-client |
ubuntuone-servers |
|
2011-04-13 19:08:25 |
Natalia Bidart |
ubuntuone-servers: assignee |
|
Ubuntu One web team (ubuntuone-web) |
|
2014-11-12 19:18:37 |
Curtis Hovey |
ubuntuone-servers: assignee |
Registry Administrators (registry) |
|
|