Inconsistent security checks on activation/deactivation
-------------------------------------------------------
Key: MAGNOLIA-1993
URL: http://jira.magnolia.info/browse/MAGNOLIA-1993
Project: Magnolia
Issue Type: Bug
Components: activation
Affects Versions: 3.5.2, 3.5.1, 3.5, 3.5 RC3, 3.5 RC2, 3.5 RC1
Reporter: Jan Haderka
Assignee: Philipp Bracher
After fixing MAGNOLIA-1536 security checks performed on activation/deactivation
are now inconsistent. To activate the document permission to access
/ActivationHandler is satisfactory condition (no write permission to the given
part of repository necessary), however to deactivate document user needs to be
able to access the /ActivationHandler and needs REMOVE permission on
deactivated document. This leads to situation where user can activate the
document but has no permission to deactivate it.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia.info/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
for list details see
http://documentation.magnolia.info/docs/en/editor/stayupdated.html
----------------------------------------------------------------
