Details
-
Bug
-
Resolution: Fixed
-
High
-
2.1.0
-
None
Description
Steps:
1. Go to Admin/Role and modify Editor's role like this:
- Policies:
- User/Login
- User/Password
- Content/Read
- Content/Versionread
- Content/Reverserelatedlist
- Content/Create
- Assingments
- Editors with no limitations
2. Add a user in Editors group
3. Log in as user from previous step
4. Go to Content/Content Structure
5. Click Create and choose Article
6. Fill obligatory fields and click Publish
Actual result:
Error 403 is thrown:
User does not have access to 'publish' 'content' with: contentId '62'
Expected result:
If user doesn't have Content/Publish policy, Publish button should be inactive, like it looks like on Content/Content structure right side bar, when user doesn't have Content/Create policy
Affects also:
- Content/Edit
Steps:
1-5 are the same
6. Click Save
7. Click Publish: error message says that user didn't have access to edit content. If I add Content/Edit policy, error message says that user didn't have access to publish.
*Content/Remove
Steps:
1-5 are the same
6. Click Save
7. Click Delete draft - error message says that user didn't have access to remove content. So Delete draft button should also be inactive when user doesn't have this policy.