[jboss-jira] [JBoss JIRA] Commented: (JBPORTAL-1514) Could not assign selective permissions when securing cms repositories

Sohil Shah (JIRA) jira-events at lists.jboss.org
Thu Jun 28 15:36:09 EDT 2007 

    [ http://jira.jboss.com/jira/browse/JBPORTAL-1514?page=comments#action_12367212 ] 
            
Sohil Shah commented on JBPORTAL-1514:
--------------------------------------

>In step 2, the user is totally blocked access to the repository. he is not able to read the repository. 

Yes this is as expected. Typically read access means you have access to read the actual document when grabbing it via the CMSPortlet from the CMS repository. 
Read access does not mean, ability to browse the CMSAdmin tool in read-only mode. The security system does not have support for that usecase right now


>In step 3, i was able to read and write to the cms repository and also was able to manage (secure permissions).
Were you able to do this when logged in as that user who was granted only "read"/"write" permissions, or were you able to do this when logged in as an "admin".

If its first case, then thats a bug, if its the latter then thats expected


> Could not assign selective permissions when securing cms repositories
> ---------------------------------------------------------------------
>
>                 Key: JBPORTAL-1514
>                 URL: http://jira.jboss.com/jira/browse/JBPORTAL-1514
>             Project: JBoss Portal
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Portal CMS
>            Reporter: Rajesh Rajasekaran
>         Assigned To: Julien Viet
>             Fix For: 2.6 Final
>
>
> What i am trying to do here:
> 1.Create a new repository and a new user when logged in as admin.
> 2.Secure the cms repository and assign only read permissions to that user on that repository and block write and manage permissions.
> In step 2, the user is totally blocked access to the repository. he is not able to read the repository.
> 3.I gave read and write permissions but blocked manage permissions.
> In step 3, i was able to read and write to the cms repository and also was able to manage (secure permissions).
> Just wanted to check if this is a valid use case and i am doing it right.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list