[MAGNOLIA-3179] Setting permissions on a subfolder Created: 08/Apr/10  Updated: 03/May/10  Resolved: 08/Apr/10

Status: Closed
Project: Magnolia
Component/s: None
Affects Version/s: 4.2.3
Fix Version/s: None

Type: Improvement Priority: Major
Reporter: Jan de Rijke Assignee: Jan Haderka
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
duplicate
duplicates MAGNOLIA-2452 security: allow creating roles which ... Closed
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Date of First Response:

 Description   

I have a parent folder with a set of subfolders A-L.
I want to give users access to different subfolders.
The only way to set this up is rather clumsy (described below).
QUESTION: Is this the correct and intended way to do this?
1/ i created a PARENTrole that gives access to the parent folder and denies access to the subfolders with website ACLs
read only-selected and subpages-/parent
deny access-selected and subpages- /parent/A
deny access-selected and subpages- /parent/B
....
deny access-selected and subpages- /parent/L
2/ I created a Arole role for users with access to subfolder A (and one for B...L)
read only-selected and subpages-/parent/A
3/ I assigned the user with access to A, PARENTrole and Arole (and did the same for users on other subfolders)
==========================================================
Whenever I add another subfolder, (e.g. M) I
1/ add a deny /parent/M to the PARENTrole
2/ create an Mrole
==========================================================
Another issue: whenever i rename a URL on the site, associated ACL's become stale (is this a bug?)



 Comments   
Comment by Jan Haderka [ 08/Apr/10 ]

1/ i created a PARENTrole that gives access to the parent folder and denies access to the subfolders with website ACLs
read only-selected and subpages-/parent
deny access-selected and subpages- /parent/A

alternatively you can grant read only access to selected and sub pages to /parent$ in which case the access will be granted to parent only and not to subpages

Another issue: whenever i rename a URL on the site, associated ACL's become stale (is this a bug?)

No, the paths and URIs are not observed and ACLs do not update automatically. This is due to fact that you can have also multiple virtual URI mappings that would be affected by such change.

Comment by Jan de Rijke [ 03/May/10 ]

ON the second issue: can this be changed in an improvement request:
how do you tell a customer he has to review all roles whenever somebody somewhere modifies a folder name?
how can a customer find all roles that need to be updated?

Generated at Mon Feb 12 03:43:58 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.