[
http://jira.magnolia-cms.com/browse/MGNLGROOVY-17?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Philipp Bärfuss reopened MGNLGROOVY-17:
---------------------------------------
Reopening the issue to start a discussion.
In my opinion the shell should check for a certain role. Just protecting the
url, as it is done now, has the following disadvantages:
- each role needs the deny ACL which clutters all the existing roles (done by
an update task)
- once one greats a new roles/user group one might forget to add this special
deny permission
Simple: better to grant access to few than to deny access explicitly to many
> Grant permissions to access groovy features to superuser and scripter roles
> only
> --------------------------------------------------------------------------------
>
> Key: MGNLGROOVY-17
> URL: http://jira.magnolia-cms.com/browse/MGNLGROOVY-17
> Project: Magnolia Groovy Module
> Issue Type: Task
> Components: console, integration, tree/dialog
> Reporter: Federico Grilli
> Assignee: Federico Grilli
> Fix For: 1.0
>
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
For list details see
http://www.magnolia-cms.com/home/community/mailing-lists.html
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------
