[MGNLUI-3979] Cannot grant URI permissions to root Created: 11/Aug/16  Updated: 25/Aug/16  Resolved: 22/Aug/16

Status: Closed
Project: Magnolia UI
Component/s: security app
Affects Version/s: 5.4.8
Fix Version/s: 5.4.9

Type: Bug Priority: Neutral
Reporter: Mikaël Geljić Assignee: Mikaël Geljić
Resolution: Fixed Votes: 0
Labels: acl
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: PNG File granting-uri-permissions-root.png    
Issue Links:
supersession
supersedes MGNLUI-3838 Wrong ACL-validation results in Acces... Closed
Template:
Patch included:
Yes
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Testcase included:
Yes
Sprint: Saigon 58
Story Points: 3

 Description   

Given a custom admin role with Get&Post URI access to /* (right-side of the screenshot)
A custom admin user cannot grant any URI permission to / or /* (left-side of the screenshot)
Granting permissions to any other path does still work.

This is mitigated when superusers manage roles (they can grant anything practically), but needs to be fixed for multi-tenancy scenarios.


Generated at Mon Feb 12 09:12:03 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.