-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Assigning access to a role for a restricted folder, disables restriction to that folder #197
Comments
@togis Please take into account::
SCREEN: /manage_access allows inspection of the permission details |
@drfho: thank you for looking into the problem and clarifiaction of functionality.
The problem just occures when I add permissons to a new role. Saving a folder actually fixes the problem. I checked manage_access and also don't see any changes in the folder permissons after saving the folder.
yes, I created all users on the root level and assigned them to their groups. The access rights are then managed in the respective group.
Yes, the users will only assigned to their groups and wil have no other access rights. Can you please check again in the following order: add folder1 (restricted) login with user1 then: add folder2 (restricted) logout user1 and login user2 and user2 can access only folder2. Logout again and login user1 and user1 can still access both folders. Now save folder2 and user1 can't access it anymore. If you can't reproduce this behavior it might be something in my setup. If you like I can give you access to my test enviroment so you can reproduce it here. |
@drfho: I got more information: I looked at the folder2 persmisson of user1 / group1 with subscriber permissions to folder 1 only. When looking at the permissions of user1 in folder2, it looks like this: Now I assign subscriber permissons to group2 for folder2 and then the permissons of user1 look like this: So after assigning subscription permissions for folder2 to group2, user1 also get's View permissons to folder2. FYI: I also tested assigning roles to users and this does not mess with the permissons. |
@togis
ZMS/Products/zms/_accessmanager.py Line 125 in e321739
ZMS/Products/zms/_accessmanager.py Lines 504 to 510 in e321739
Discussion: As a quick solution I would recomment to define the roles first and restrict the nodes as a second step. Then everything should be fine (corresponding to your observation, that the node's permissions are corrected after saving). Conclusion: Looking forward |
Hello @togis , |
Hi everybody,
I just experienced a strange behavior assigning access roles while managing subscribers in groups.
Lets say we have several folders e.g. folder1, folder2, folder3 that are accessable for certain user roles like group1, group2, group3. The roles get assigned to the users like group1 > user1, group2 > user2, group3 > user3 and everything works fine.
Then I add a new restricted folder4 and create a new subscriber role (group4) with access to the new folder4. After assigning the access rights to the new role, folder4 is accassable to all logged in users not only to group4.
When I then safe folder4 without changing anything, everything works fine again.
To me it looks like the access rights get mixed up after assigning rights to a role and then everything get's in order again after safing the folder.
Any ideas where this might come from?
Thanks;
Tobias
The text was updated successfully, but these errors were encountered: