Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-18765

Wrong right resolution when denying a right to user who belongs to group with PR

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Fix
    • Major
    • None
    • 9.11.8, 11.10.10, 13.4
    • Security
    • None
    • Unknown
    • N/A
    • N/A

    Description

      Reproduction steps:

      • Create a group with PR right (or use XWikiAdminGroup from default flavor)
      • Create a user and put it in that group
      • Deny the delete right to that user

      Expected result:

      • Since the user belongs to a group with PR right, they should still be able to delete pages

      Obtained result:

      • The user is not able anymore to perform delete actions

      Note that if the PR right is given explicitely to the user then they can still delete pages.

      Attachments

        Activity

          People

            surli Simon Urli
            surli Simon Urli
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: