[MGNLFORUM-250] Remove not supported moderation-permission Created: 05/Mar/14 Updated: 13/Mar/14 Resolved: 12/Mar/14 |
|
| Status: | Closed |
| Project: | Forum (closed) |
| Component/s: | security |
| Affects Version/s: | None |
| Fix Version/s: | 3.3 |
| Type: | Story | Priority: | Neutral |
| Reporter: | Christoph Meier | Assignee: | Roman Kovařík |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Σ Remaining Estimate: | Not Specified | Remaining Estimate: | Not Specified |
| Σ Time Spent: | Not Specified | Time Spent: | Not Specified |
| Σ Original Estimate: | Not Specified | Original Estimate: | Not Specified |
| Attachments: |
|
||||||||||||||||||||||||||||||
| Issue Links: |
|
||||||||||||||||||||||||||||||
| Sub-Tasks: |
|
||||||||||||||||||||||||||||||
| Template: |
|
||||||||||||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||||||||||||
| Date of First Response: | |||||||||||||||||||||||||||||||
| Description |
|
Forum on M4.5 had sophisticated security-model which is currently not supported by Magnolia 5. Bootstrap (originating from M4.5-version) installs these 4 roles. 1) forum-base (2), (3) and (4) all come with an ACL-permission for the forum-workspace which M5-security-app cannot display correct (see screenshot) and is lost when someone is editing it. Forum 3.3 should apply the following simple security model: (a) role forum-base is required to access the forum-app (a) is already done but probably arguable. =>
|
| Comments |
| Comment by Christoph Meier [ 11/Mar/14 ] |
|
All subtasks of |
| Comment by Milan Divilek [ 11/Mar/14 ] |
|
Reopen: There is no reason to have "forum-moderator-base" role longer. It's only used for forum app availability (/modules/forum/apps/forum/permissions/roles). Instead of this we should change forum app availability to roles forum_ALL-admin and forum_ALL-moderator. Also "forum-base" role seems useless. Please check it. |