Status: Accepted
Owner: [email protected]
Labels: Type-Defect Priority-Medium Milestone-Release-1.1
Component-AccessControl
New issue 1311 by [email protected]: Can't assign mulitple access rules
per role
http://code.google.com/p/qubit-toolkit/issues/detail?id=1311
To reproduce this error:
========================
1) Create a user 'Hilary', and assign them to a group with 'edit'
permissions (e.g. editor)
2) Add a new user permission to deny edit permission in all repositories
3) Add a new user permission to allow edit permission on a single
repository (e.g. 'Archives of the Fraser Valley')
(see screenshot)
Resulting error:
================
When logged in as Hilary, the show screen of an information object in
repository 'Foo' will allow 'edit' privileges (Should be denied on all
repositories *except* 'Archives of the Fraser Valley)
Last permission entered (in this case 'allow' for repository 'Archives of
the Fraser Valley') is the only user permission checked.
NOTE: If the "editor" group is removed from Hilary, then she will be denied
access on all repositories except 'Archives of the Fraser Valley' because
there is no longer a valid 'grant' rule at the group level.
See: http://framework.zend.com/issues/browse/ZF-9129
Expected result:
================
Hilary should not be able to edit information objects in any repository
except 'Archives of the Fraser Valley'
Attachments:
multiple_permissions_bug.png 93.6 KB
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--
You received this message because you are subscribed to the Google Groups "Qubit
Toolkit Issues" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/qubit-issues?hl=en.
