[ http://jira.magnolia.info/browse/MAGNOLIA-572?page=comments#action_11381 ]
Sameer Charles commented on MAGNOLIA-572: ----------------------------------------- updated svn trunk, tested all possible scenarios. Leaving this issue open untill we test it more http://svn.magnolia.info/svn/magnolia/trunk/magnolia-core/src/main/java/info/magnolia/jaas/sp/jcr/JCRLoginModule.java http://svn.magnolia.info/svn/magnolia/trunk/magnolia-core/src/main/java/info/magnolia/cms/security/AccessManagerImpl.java > ACL evaluation in case of exact match of path in different roles > ---------------------------------------------------------------- > > Key: MAGNOLIA-572 > URL: http://jira.magnolia.info/browse/MAGNOLIA-572 > Project: magnolia wcm > Type: Bug > Components: core > Versions: 2.1 Final > Reporter: Tom Engel > Assignee: Sameer Charles > Priority: Minor > Fix For: 2.2 M1 > > > When two roles define an ACL for the same path and both roles are assigned to > a user, only the lowest permission for that path is taken by the access > manager. Should be the highest available permission for that path, because > the rights of the roles should always be summed up. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.magnolia.info/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira ---------------------------------------------------------------- for list details see http://www.magnolia.info/en/magnolia/developer.html ----------------------------------------------------------------
