Details
Task
Status: Closed
Normal
Resolution: Fixed
Description
A critical repository configuration is the security domains setup. However, there are no integration tests for the specific default security setup. We have integration tests for implementations like the HippoAccessManager and all kinds of custom domains, but if someone makes a change to the default security domain setup, there should be integration tests asserting there are no unexpected changes / side effects.
At this moment, the domain security for authors and editors has been set up as follows:
1) They can read folders / directories below /content
2) They can write to documents below /content that are draft and on which they are the holder (documents with publishable workflow)
3) They can write to documents below /content which are not publishable (these documents typically are imagesets and assets)
Issue Links
- relates to REPO-2239 Editors/Authors should not require write permissions to folders and sanitize CMS permission checks (Closed)
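A table-driven check for the three rules in the description, written against the standard JCR 2.0 `Session.hasPermission` call, as an added example that is not Hippo's own test code. The fixture paths, the `ex:title` property name and the negative case for a draft held by another user are assumptions; the caller supplies a `Session` logged in as an author or editor against a repository where those nodes exist.

```java
import java.util.ArrayList;
import java.util.List;
import javax.jcr.RepositoryException;
import javax.jcr.Session;

/** Added illustration: regression check of the default author/editor domain rules. */
public class DefaultDomainPermissionCheck {

    /** One row of the expected permission matrix. */
    static final class Expectation {
        final String rule, absPath, actions;
        final boolean allowed;
        Expectation(String rule, String absPath, String actions, boolean allowed) {
            this.rule = rule; this.absPath = absPath; this.actions = actions; this.allowed = allowed;
        }
    }

    // Hypothetical fixture locations; test setup must create them before the check runs.
    static final String FOLDER    = "/content/documents/testfolder";
    static final String OWN_DRAFT = FOLDER + "/own-doc/own-doc";     // draft, holder = session user
    static final String OTHER     = FOLDER + "/other-doc/other-doc"; // draft, holder = another user
    static final String IMAGESET  = "/content/gallery/testimage/testimage";

    // For set_property, JCR expects the path of the property itself (ex:title is made up).
    static final Expectation[] AUTHOR_MATRIX = {
        new Expectation("1: read folders below /content", FOLDER, Session.ACTION_READ, true),
        new Expectation("2: write own draft", OWN_DRAFT + "/ex:title", Session.ACTION_SET_PROPERTY, true),
        // Assumed negative case: rule 2 only covers drafts the user holds.
        new Expectation("2: no write on draft held by another user", OTHER + "/ex:title",
                Session.ACTION_SET_PROPERTY, false),
        new Expectation("3: write non-publishable document", IMAGESET + "/ex:title",
                Session.ACTION_SET_PROPERTY, true),
    };

    /** Returns one message per row whose actual permission differs from the expected one. */
    static List<String> violations(Session session, Expectation[] matrix) throws RepositoryException {
        List<String> out = new ArrayList<>();
        for (Expectation e : matrix) {
            boolean actual = session.hasPermission(e.absPath, e.actions);
            if (actual != e.allowed) {
                out.add(String.format("rule %s: %s on %s for user %s expected %b but was %b",
                        e.rule, e.actions, e.absPath, session.getUserID(), e.allowed, actual));
            }
        }
        return out;
    }
}
```

An integration test would log in once per role, call `violations(session, AUTHOR_MATRIX)` and fail if the returned list is not empty, so any change to the default domain setup that widens or narrows access shows up as a named rule.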