-
Bug
-
Resolution: Not an issue
-
Critical
-
3.5 RC1, 3.5 RC2, 3.5 RC3, 3.5, 3.5.1, 3.5.2
-
None
After fixing MAGNOLIA-1536 security checks performed on activation/deactivation are now inconsistent. To activate the document permission to access /ActivationHandler is satisfactory condition (no write permission to the given part of repository necessary), however to deactivate document user needs to be able to access the /ActivationHandler and needs REMOVE permission on deactivated document. This leads to situation where user can activate the document but has no permission to deactivate it.
Acceptance criteria