Uploaded image for project: 'COmanage'
  1. COmanage
  2. CO-731

Menu Permissions Incorrectly Calculated

    XMLWordPrintable

Details

    Description

      Menu permissions are calculated in such away that if a person is a CO Admin in 1 CO but a member of 2 COs, the menu will render CO Admin-oriented menu items for both COs. (There are additional variations.) This is because the menu permissions are calculated in AppController::menuAuth() on an overall basis, and the links rendered in Elements/dropMenu.ctp can't/don't check the CO-level permission.

      Note this only applies to the rendering of the menu item. The actual per-controller authz still happens when the link is clicked.

      Attachments

        Issue Links

          Activity

            People

              benn.oshrin@at.internet2.edu Benn Oshrin
              benn.oshrin@at.internet2.edu Benn Oshrin
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: