[MGNLRES-404] Create resources-editor role that allow get from /.resources/* Created: 02/Aug/23 Updated: 10/Jan/24 Resolved: 02/Nov/23 |
|
| Status: | Closed |
| Project: | Magnolia Resources Module |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 4.0.0 |
| Type: | Bug | Priority: | Neutral |
| Reporter: | Robert Šiška | Assignee: | Quach Hao Thien |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | dx-core-6.3 | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | 6.5h | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||
| Template: |
|
||||||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||||||
| Task DoD: |
[X]*
Doc/release notes changes? Comment present?
[X]*
Downstream builds green?
[X]*
Solution information and context easily available?
[X]*
Tests
[X]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||||||||||
| Bug DoR: |
[X]*
Steps to reproduce, expected, and actual results filled
[ ]*
Affected version filled
|
||||||||||||||||||||||||
| Release notes required: |
Yes
|
||||||||||||||||||||||||
| Date of First Response: | |||||||||||||||||||||||||
| Epic Link: | Sane Default Roles & Groups | ||||||||||||||||||||||||
| Story Points: | 3 | ||||||||||||||||||||||||
| Team: | |||||||||||||||||||||||||
| Work Started: | |||||||||||||||||||||||||
| Approved: |
Yes
|
||||||||||||||||||||||||
| Description |
Steps to reproduceCreate a light-module with an HTML file: test-lm/webresources/resource.html Try to access http://localhost:8080/magnoliaAuthor/.resources/test-lm/webresources/resource.html Expected resultThe resource is returned (after login) Actual resultThe URL always redirects to login form. Developer notesOnly happens on 6.3 DX-Core. 6.2 and CE webapps work correctly. |
| Comments |
| Comment by Robert Šiška [ 12/Oct/23 ] |
|
6.3 introduced a new structure of ACLs. Namely, admincentral-editor denies web access to "./" and no other role allows ".resources/"
Proposed solution after discussion with Evzen: introduce a new role "resources-editor" and assign it to publishers, editors & developers groups. |
| Comment by Mikaël Geljić [ 26/Oct/23 ] |
|
The resources-editor role was already done in |