Andreas Hartmann wrote:
Hi Lenya devs,
Richard pointed out that there's a dangerous connection between site
administration rights and user administration rights. If Alice has the
admin role on a single page, she can execute the admin.* usecases
under the Admin tab.
A quite straightforward solution is to introduce two different
administration roles:
1. Website administrator (e.g. "manager")
2. Application administrator (e.g., "admin")
The application administrator role would be used in the usecase
policies to protect the admin.* usecases. We have to add a mechanism
which ensures that this role is not granted to anyone in the "AC auth"
tab.
WDYT?
-- Andreas
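To make the proposal concrete, here is an added illustrative model (not Lenya code) of the two-role split: usecase policies that reserve the admin.* usecases for the application administrator, and an AC-auth-style grant that refuses to hand out that role per page. Role names, usecase names and the policy table are constructed for the example.

```python
from dataclasses import dataclass, field
from fnmatch import fnmatch

# Role names follow the proposal: "manager" is the website administrator,
# granted per page; "admin" is the application administrator.
WEBSITE_ADMIN = "manager"
APPLICATION_ADMIN = "admin"

# Usecase policies (constructed): usecase pattern -> roles allowed to run it.
# Only the application administrator may run admin.* usecases.
USECASE_POLICIES = {
    "admin.*": {APPLICATION_ADMIN},
    "site.*": {WEBSITE_ADMIN, "editor"},
    "edit.*": {WEBSITE_ADMIN, "editor"},
}

# Roles that the per-page "AC auth" tab must never grant.
NON_ASSIGNABLE_ROLES = {APPLICATION_ADMIN}


class PolicyError(Exception):
    """Raised when a grant violates the role-assignment rules."""


@dataclass
class AccessControl:
    # (page, user) -> roles granted on that page via the AC auth tab
    page_roles: dict = field(default_factory=dict)
    # user -> roles granted by the application configuration, never per page
    app_roles: dict = field(default_factory=dict)

    def grant_on_page(self, page, user, role):
        """Models the AC auth tab: per-page grants of 'admin' are refused."""
        if role in NON_ASSIGNABLE_ROLES:
            raise PolicyError(f"role {role!r} cannot be granted per page")
        self.page_roles.setdefault((page, user), set()).add(role)

    def roles_for(self, page, user):
        return self.page_roles.get((page, user), set()) | self.app_roles.get(user, set())

    def authorize(self, page, user, usecase):
        """True if any of the user's roles on this page satisfies the usecase policy."""
        roles = self.roles_for(page, user)
        for pattern, allowed in USECASE_POLICIES.items():
            if fnmatch(usecase, pattern):
                return bool(roles & allowed)
        return False  # no policy for this usecase: deny by default


def can_grant_on_page(ac, page, user, role):
    """Helper returning False instead of raising, for callers that only need a verdict."""
    try:
        ac.grant_on_page(page, user, role)
        return True
    except PolicyError:
        return False
```

With this split, Alice holding "manager" on a single page can run site.* usecases there but is denied admin.* usecases, and no per-page grant can escalate her to "admin".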
+1