Uploaded image for project: '[Read Only] - Hippo Site Toolkit 2'
  1. [Read Only] - Hippo Site Toolkit 2
  2. HSTTWO-4648

Reconsider /webfiles default authorization

    XMLWordPrintable

Details

    • Improvement
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • None
    • 14.0.0
    • None
    • None

    Description

      At this moment, /webfiles has 'readonly' for

      1. liveusers
      2. previewusers
      3. sitewriters
      4. webmaster

      I think we can better make /webfiles 'readonly' for group everybody (or some user role everyone has). The thing is that in the future, we expect more finegrained new (user)roles being added runtime. Assume that you want a new role/group to have write access on a specific HST Channel, for example the group/role that has

      channel-intranet-webmaster
      

      introducing such a new specific authorization giving write access to only a certain channel now requires this role/group to be added to /webfiles as well since the webfiles need to be readable for Channel Mgr users that want to modify the channel configuration in the Channel mgr.

      I think this is redundant and we can safely grant access to everyone for /webfiles...or if we really don't want the anonymous user to have access, introduce a generic role (webfiles-reader) that almost every group/user has by default.

      What do you think adouma?

      Attachments

        Activity

          People

            Unassigned Unassigned
            aschrijvers Ard Schrijvers
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: