I am using release 1.2.0 (2008-09-28 01:02).
When in System Settings > Public Access I set "Override event name/description for public access" to "yes" and then provide an override text in the next line, I get the following behaviour when I access the public access calendar:
In all the "My Calendar" Views except Year (of course), the appointment shows up with the Name (not the override text) visible on the appropriate date and att the appropriate time. If I hold the mouse over the item, the title and full description appear in the tool tip.
The override text is only used if I then click on the item to see its properties.
This is pretty obviously not the desired behaviour: the override text should be used everywhere on the Public Access Calendar. If the public user can see the title and description from the main calendar pages, there is no point restricting access to it when he clicks on one of the links.
I've listed this as a security hole because it means that users are displaying potentially private information when they settings wizard is assuring them that they are masking this information.
Log in to post a comment.