Hi Lenya devs,

Richard pointed out that there's a dangerous connection between site administration rights and user administration rights. If Alice has the admin role on a single page, she can execute the admin.* usecases under the Admin tab.

A quite straightforward solution is to introduce two different administration roles:

1. Website administrator (e.g., "manager")
2. Application administrator (e.g., "admin")

The application administrator role would be used in the usecase policies to protect the admin.* usecases. We have to add a mechanism which ensures that this role is not granted to anyone in the "AC auth" tab.

WDYT?

-- Andreas


--
Andreas Hartmann, CTO
BeCompany GmbH
http://www.becompany.ch
Tel.: +41 (0) 43 818 57 01
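To make the proposed split concrete, here is a small in-memory model of it (an added illustration written for this thread, not Lenya code): page-level roles granted through the per-page "AC auth" tab, application-wide roles managed separately, usecase policies that map `admin.*` usecases to the application administrator role, and a guard that refuses to grant that role on a page. The role names `manager` and `admin`, the usecase names, the `AccessControl` class and its method names are all assumptions chosen for the example.

```python
"""Model of the two-role split proposed in the mail (illustration, not Lenya code)."""
from dataclasses import dataclass, field

# Hypothetical role names, following the examples given in the mail.
SITE_ADMIN_ROLE = "manager"   # website administrator, grantable per page
APP_ADMIN_ROLE = "admin"      # application administrator, protects admin.* usecases


class PolicyError(Exception):
    """Raised when a grant would violate the role-separation rule."""


@dataclass
class AccessControl:
    # page path -> user -> set of roles (constructed in-memory store; stands in
    # for what the per-page "AC auth" tab manages)
    page_roles: dict = field(default_factory=dict)
    # user -> set of application-wide roles, managed outside the per-page tab
    app_roles: dict = field(default_factory=dict)
    # usecase-name prefix -> role required (a simplified usecase policy)
    usecase_policies: dict = field(
        default_factory=lambda: {"admin.": APP_ADMIN_ROLE, "site.": SITE_ADMIN_ROLE}
    )

    def grant_page_role(self, page, user, role):
        """Grant a role on one page; the application administrator role is refused."""
        if role == APP_ADMIN_ROLE:
            raise PolicyError(f"role {role!r} cannot be granted on page {page!r}")
        self.page_roles.setdefault(page, {}).setdefault(user, set()).add(role)

    def grant_app_role(self, user, role):
        """Grant an application-wide role (a separate, global administration path)."""
        self.app_roles.setdefault(user, set()).add(role)

    def required_role(self, usecase):
        """Return the role a usecase policy demands, or None if unprotected."""
        for prefix, role in self.usecase_policies.items():
            if usecase.startswith(prefix):
                return role
        return None

    def may_execute(self, user, usecase, page):
        """Authorize a usecase: admin.* checks only application-wide roles,
        so a page-level grant can never unlock user administration."""
        required = self.required_role(usecase)
        if required is None:
            return True
        if required == APP_ADMIN_ROLE:
            return required in self.app_roles.get(user, set())
        return required in self.page_roles.get(page, {}).get(user, set())


def demo():
    """Walk through the scenario from the mail; returns the two decisive outcomes."""
    ac = AccessControl()
    ac.grant_page_role("/index", "alice", SITE_ADMIN_ROLE)   # Alice administers one page
    site_ok = ac.may_execute("alice", "site.edit", "/index")
    admin_blocked = not ac.may_execute("alice", "admin.users", "/index")
    return site_ok, admin_blocked


if __name__ == "__main__":
    print(demo())  # (True, True): page admin works, admin.* stays closed
```

The key point is in `may_execute`: the policy for `admin.*` is answered only from the application-wide role store, so even if a page grant slipped past `grant_page_role`, it would not satisfy an `admin.*` usecase.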

