Uploaded image for project: 'Ideas Application'
  1. Ideas Application
  2. IDEAS-41

Non-Admin users can edit the application

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Major
    • None
    • 1.8
    • None
    • Windows Server 2003 R2, Apache 2.4, Tomcat 7, JDK 7, XWiki 6.3

    Description

      Normal users (with edit permissions but without admin/programming rights) have the link "Edit application" available and can actually do it. With a normal user I was able to add and delete fields of the application which destroys the idea details page completely. Due to the fact that applications don't have a history only fix is un- and re-installing the ideas application.

      Even excluding those rights to the ideas main page

      Users without programming permissions should only be allowed to add new ideas.

      Attachments

        Issue Links

          depends on

          Improvement - An improvement or enhancement to an existing feature or task. XWIKI-13034 Add a new step to the App Within Minutes wizard to configure the access rights

          • Major - Major loss of function.
          • Reopened

          Activity

            People

              Unassigned Unassigned
              dennis Dennis
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated: