[JIRA] Updated: (NXP-5127) version rights model need to be clarified

Wed, 26 May 2010 08:57:42 -0700 

     [ 
https://jira.nuxeo.org/browse/NXP-5127?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stéphane Lacoin updated NXP-5127:
---------------------------------


* Platform publishing was re-defining "Read" permissions instead of just adding 
the new permission. 
* Default content templates was providing "Version" permission to "members".
* Audit was not checking for read versions permission in web view.

Here the full list of branches introducing related changesets 

*  nuxeo-core:1.6-NXP-5127-clarified-version-permissions-model
*  nuxeo-services:5.3-NXP-5127-clarified-version-permissions-mode
*  nuxeo-features:5.3-NXP-5127-clarified-version-permissions-mode




> version rights model need to be clarified
> -----------------------------------------
>
>                 Key: NXP-5127
>                 URL: https://jira.nuxeo.org/browse/NXP-5127
>             Project: Nuxeo Enterprise Platform
>          Issue Type: Bug
>    Affects Versions: 5.3.1
>            Reporter: Stéphane Lacoin
>            Assignee: Stéphane Lacoin
>             Fix For: 5.3.2
>
>   Original Estimate: 0 minutes
>  Remaining Estimate: 0 minutes
>
> The current rights model about version is confusing. We're defining two 
> permissions "Version" and "ReadVersion".
> These two versions are include in "Read" permission. Also, "ReadVersion" is 
> aliasing "Version". 
> We don't want to keep this.
> Here is what we want to be in place instead.
> Let say that 
> * we have the two basic permissions : READ_VERSION (can read a version) and 
> WRITE_VERSION (can create a version)
> * we have the composed permission  VERSION that composes READ_VERSION and 
> WRITE_VERSION
> * and finally the READ permission compose the READ_VERSION permission
> If we update the security checks for using this model, we're done.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
https://jira.nuxeo.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

       
_______________________________________________
ECM-tickets mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm-tickets

Reply via email to