Uploaded image for project: '[Read Only] - Hippo Repository'
  1. [Read Only] - Hippo Repository
  2. REPO-2238

Add 'DefaultAuthorizationSetupTest' integration test that has assertions for the default '/content' authorization setup

    XMLWordPrintable

Details

    • Task
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • None
    • 14.0.0
    • None
    • None

    Description

      A critical repository configuration is the security domains setup. However, there are no integration tests for the specific default security setup. We have integration tests for implementations like the HippoAccessManager and all kind of custom domains, but if someone makes a change to the default security domain setup, there should be integration tests asserting there are no unexpected changes /side effects.

      At this moment, the domain security for authors and editors has been set up as follows:

      1) They can read folders / directories below /content
      2) They can write to documents below /content that are draft and on which they are the holder (documents with publishable workflow)
      3) They can write to documents below /content which are not publishable ( these documents typically are imagesets and assets)

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. REPO-2239 Editors/Authors should not require write permissions to folders and sanitize CMS permission checks

          • Top - Should be worked on at this time and be top on the list, required for next intermediate release
          • Closed

          Activity

            People

              Unassigned Unassigned
              aschrijvers Ard Schrijvers
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: