Status: New
Owner: [email protected]
CC: [email protected]
Labels: Type-Defect Priority-Critical Component-User-Mgmt
New issue 2403 by [email protected]: User with restricted permissions
to a repository can view and edit information objects belonging to other
repositories
http://code.google.com/p/qubit-toolkit/issues/detail?id=2403
To reproduce this error:
========================
1)create user and assign to group (you must have multiple information
objects and multiple repositories in the system)
2)open information object permissions and deny group permissions to user
3)add repository and allow information object permissions only for that
repository
4)save and logout
5)log in as user
Resulting error:
================
user can view and edit all information objects regardless of their
repository affiliation
Expected result:
user can only view and edit information objects affiliated with their
repository
================
--
You received this message because you are subscribed to the Google Groups "Qubit
Toolkit Issues" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/qubit-issues?hl=en.
