Details
-
Bug
-
Resolution: Fixed
-
Minor
-
COmanage Registry 3.2.3 (Oyster Pearl MR3)
Description
In COmanage a COU entity is defined by 3 groups. The members all and active groups and the admins group.
The users that belong in the first two are the simple members of the COU, while the users that are part of the admins group are the COU admins.
We would expect that a user that is a member and owner of the COU admins group should be able to edit the admins group. Nevertheless, the user gets a permission denied error as soon as s/he tries to navigate to the edit view.
Also the behaviour of the framework is fuzzy, since if the COU admin navigates to Groups->Index->View then in the actions column, an active Edit button is found besides the COU admins group. If the user clicks on this, s/he will get a permission denied error.
The drive behind this change is to identify the actual meaning of being member and owner of the COU admins group. The users need to have the priviledges to add new members into the admins group or edit the admins group, since they are owners and members of that group. But they can not.
The user we refer to is a CO member, COU member(not mandatory) and member+owner of the COU admins group.
