Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-29493

Content/Remove with Content Type limitation allows to remove sub-items of CI with different CT

    XMLWordPrintable

Details

    • Icon: Bug Bug
    • Resolution: Obsolete
    • Icon: High High
    • None
    • 2.3.2, 2.4.0
    • None

    Description

      Preconditions:

      Created: Article with a Folder child

      Steps:

      1. Create new role with policies:

      • User/Login
      • Content/Remove with limitation 'Content Type/Article'
      • Content/Read
      • Content/Versionread

      2. Create a user and assign it to the role
      3. Log in as a new user
      4. Go to the Article - Trash button is active on right sidebar
      5. Go to the Folder - Trash button is not visible
      6. Go back to the Article, click Trash button and confirm

      Actual result:

      Article is removed and its child - Folder is removed as well.

      Expected result:

      It should be forbidden, because user didn't have permissions to remove this content items with CT different than Article.

      Attachments

        Activity

          People

            Unassigned Unassigned
            barbara.grajczyk@ez.no Barbara Grajczyk
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: