[magnolia-dev] [JIRA] (MGNLWORKFLOW-179) Any user can launch a workflow regardless of their permissions

[JIRA (on behalf of Federico Grilli)]

Federico Grilli updated MGNLWORKFLOW-179 Any user can launch a workflow regardless of their permissions Change By: Federico Grilli (11/Dec/13 11:09 AM) Description: As long as a workflow action is available in the UI, there's no security check regarding the grants owned by the current user. The basic rule should be "user has Read+Write grants on the workflow workspace AND has at least Read grant on the  workspace where the  node they're trying to publish is located.

This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

---

----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <dev-list-unsubscr...@magnolia-cms.com>
----------------------------------------------------------------