Uploaded image for project: 'COmanage'
  1. COmanage
  2. CO-731

Menu Permissions Incorrectly Calculated

    XMLWordPrintable

Details

    Description

      Menu permissions are calculated in such away that if a person is a CO Admin in 1 CO but a member of 2 COs, the menu will render CO Admin-oriented menu items for both COs. (There are additional variations.) This is because the menu permissions are calculated in AppController::menuAuth() on an overall basis, and the links rendered in Elements/dropMenu.ctp can't/don't check the CO-level permission.

      Note this only applies to the rendering of the menu item. The actual per-controller authz still happens when the link is clicked.

      Attachments

        Issue Links

          depends on

          Improvement - An improvement or enhancement to an existing feature or task. CO-828 Add CO selector menu

          • Major - Major loss of function.
          • Resolved
          is related to

          Improvement - An improvement or enhancement to an existing feature or task. CO-416 Improve Menu System

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              benn.oshrin@at.internet2.edu Benn Oshrin (internet2.edu)
              benn.oshrin@at.internet2.edu Benn Oshrin (internet2.edu)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: