Details
-
Story
-
Resolution: Incomplete
-
High
-
None
-
None
-
None
Description
The "hidden" state for content and locations is a convenience feature for withdrawing content from the frontend. It is not role based, and does not prevent read access through all means. To securely restrict content read access, use sections, or object states, and corresponding roles. Or add/remove locations.
We have documentation for this, but it should be more clear. The Admin UI should also clarify it.
TODO
- The Admin UI says "This Content item or its Location is hidden." in a blue info bar above the content. This should point to clear doc about what it means. See template and translation file. ⏳
- The property doc should be corrected and expanded a little, ref IBX-6263 ⏳
- The Security Checklist should be specific on the hidden state
PR: https://github.com/ezsystems/developer-documentation/pull/2092 (merged) ✅
- The Location Visibility doc should be improved
PR: https://github.com/ezsystems/developer-documentation/pull/2091 (merged) ✅
- The Copy, move, hide doc should be improved
PR: https://github.com/ezsystems/user-documentation/pull/224 (merged) ✅
Designs
Attachments
Issue Links
- relates to
-
IBX-6263 ContentInfo::$isHidden should have a meaningful description
- Open