[
https://jira.nuxeo.org/browse/NXP-5127?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Stéphane Lacoin updated NXP-5127:
---------------------------------
Having contributed to security for not providing READ_VERSION by default, we
still have access to versions from the history tab.

<extension target="org.nuxeo.ecm.core.security.SecurityService"
    point="permissions">
  <permission name="Read">
    <remove>ReadVersion</remove>
  </permission>
</extension>

> version rights model need to be clarified
> -----------------------------------------
>
> Key: NXP-5127
> URL: https://jira.nuxeo.org/browse/NXP-5127
> Project: Nuxeo Enterprise Platform
> Issue Type: Bug
> Affects Versions: 5.3.1
> Reporter: Stéphane Lacoin
> Assignee: Stéphane Lacoin
> Fix For: 5.3.2
>
> Original Estimate: 0 minutes
> Remaining Estimate: 0 minutes
>
> The current rights model about version is confusing. We're defining two
> permissions "Version" and "ReadVersion".
> These two versions are included in "Read" permission. Also, "ReadVersion" is
> aliasing "Version".
> We don't want to keep this.
> Here is what we want to be in place instead.
> Let's say that
> * we have the two basic permissions: READ_VERSION (can read a version) and
> WRITE_VERSION (can create a version)
> * we have the composed permission VERSION that composes READ_VERSION and
> WRITE_VERSION
> * and finally the READ permission composes the READ_VERSION permission
> If we update the security checks for using this model, we're done.
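
The composed-permission model from the issue description, with the effect of the <remove> contribution from the comment, as an added example (not Nuxeo code and not part of the ticket). The permission names are the ticket's; the dict layout, the function names and the sample users are assumptions made for illustration.

```python
# Added example: toy resolver for compound permissions (not Nuxeo code).
# Permission names come from the ticket; the dict layout is an assumption.

# Model proposed in the issue description: composed permission -> included ones.
PROPOSED = {
    "VERSION": {"READ_VERSION", "WRITE_VERSION"},
    "READ": {"READ_VERSION"},
}

def remove_include(model, permission, included):
    """Copy the model with one include dropped, like <remove> in the contribution."""
    patched = {name: set(parts) for name, parts in model.items()}
    patched.get(permission, set()).discard(included)
    return patched

def expand(permission, model, _seen=None):
    """All permissions implied by `permission`, following includes transitively."""
    seen = set() if _seen is None else _seen
    if permission in seen:  # include cycle: this node is already being expanded
        return set()
    seen.add(permission)
    implied = {permission}
    for part in model.get(permission, ()):
        implied |= expand(part, model, seen)
    return implied

def is_granted(granted, needed, model):
    """True if any permission in `granted` implies `needed`."""
    return any(needed in expand(p, model) for p in granted)

def report(model, grants):
    """Map each user to the version rights the model gives them."""
    return {
        user: sorted(p for p in ("READ_VERSION", "WRITE_VERSION")
                     if is_granted(granted, p, model))
        for user, granted in grants.items()
    }

# Constructed sample grants (not from the ticket).
GRANTS = {"reader": {"READ"}, "editor": {"READ", "VERSION"},
          "auditor": {"READ_VERSION"}}
# READ no longer carries READ_VERSION by default.
WITHOUT_DEFAULT = remove_include(PROPOSED, "READ", "READ_VERSION")

if __name__ == "__main__":
    print("proposed:       ", report(PROPOSED, GRANTS))
    print("without default:", report(WITHOUT_DEFAULT, GRANTS))
```

The resolver only shows what a check for READ_VERSION returns under each model; the comment above reports that versions remain reachable from the history tab after the contribution, so the permission that code path actually checks is the thing to verify.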