-
Epic
-
Resolution: Unresolved
-
Major
-
None
-
None
-
None
-
-
Sane Default Roles & Groups
As of Magnolia 6.2, onboarding new users typically requires project security setup boilerplate. Our goal is to provide sane defaults for user security, so that onboarding new editors or publishers is a simple assignment to a group or role. This holds true regardless of whether users are managed internally (JCR) or externally mapped via LDAP or SSO. Content-based or per-app permissions are out-of-scope.
In particular, here are several shortcomings:
- Projects need to define their own groups (in Security app or via bootstrapping), and guess which product roles to grant them.
- Workflow module provides two roles: editor and publisher. They only give permissions to a fixed set of semi-arbitrary workspaces: website, dam, category and contacts (!). No stories nor personalization’s segments for example.
- There is no default role, except superuser, giving web access to the Admincentral.
- Content Types only grant R/W access to the superuser role, upon autoCreate.
- is related to
-
MGNLTEST-63 Provide users, groups and roles used for functional tests (phase-1)
- Closed
- relates to
-
MLEARN-20 Use the role-based memory neural network strategy out of the box
- Closed
- supersedes
-
MGNLDEMO-361 Eric can edit & publish while Peter is powerless on apps without workflow
- Closed
-
MGNLWORKFLOW-397 editors group is missing permissions
- Closed
- links to
- mentioned in
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...