![]() |
|
|
|
|
Issue Type:
|
![Story]() Story
|
|
Affects Versions:
|
3.2, 3.1 |
|
Assignee:
|
Christoph Meier
|
|
Components:
|
moderation, security |
|
Created:
|
10/Jan/14 10:15 AM
|
|
Description:
|
As a Forum-Admin or -moderator (or user), i have more fine-granular security with custom permissions (e.g. "Modearate&Post") for the forum workspace
Make sure, that the Forum-modules registers it specific permission to the config. of the security-app.
This will allow to specify the specific forum-roles like it was possible with Magnolia 4.5 (see attachment).
Because these are special permissions, they cannot be mapped to standard JCR-permissions, that's why "every" code-execution must be checked security-wise using the "old" security-interface (e.g. things like PermissionUtil.isGranted(((Content) message).getJCRNode(), ForumConfiguration.MODERATE_PERMISSION)).
Make sure that new actions and or commands take this into account.
|
|
Fix Versions:
|
3.3 |
|
Project:
|
Magnolia Forum Module
|
|
Priority:
|
![Neutral]() Neutral
|
|
Reporter:
|
Christoph Meier
|
|
Security Level:
|
Public |
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <
[email protected]>
----------------------------------------------------------------
