Details
-
Improvement
-
Status: Closed
-
Normal
-
Resolution: Fixed
-
None
-
None
-
None
Description
At this moment, /webfiles has 'readonly' for
- liveusers
- previewusers
- sitewriters
- webmaster
I think we can better make /webfiles 'readonly' for group everybody (or some user role everyone has). The thing is that in the future, we expect more finegrained new (user)roles being added runtime. Assume that you want a new role/group to have write access on a specific HST Channel, for example the group/role that has
channel-intranet-webmaster
introducing such a new specific authorization giving write access to only a certain channel now requires this role/group to be added to /webfiles as well since the webfiles need to be readable for Channel Mgr users that want to modify the channel configuration in the Channel mgr.
I think this is redundant and we can safely grant access to everyone for /webfiles...or if we really don't want the anonymous user to have access, introduce a generic role (webfiles-reader) that almost every group/user has by default.
What do you think adouma?