Editors and translators should be able to access the physical storage module
|Target version:||Release 2.5.3|
|Google Code Legacy ID:||Tested version:||2.5|
In the 2.4 release, we discovered some inconsistencies in the default permissions, and that authenticated users who were not part of any group could access modules they should not be able to view. We corrected many of these in issue #11075.
However, in that fix, we implemented too extreme a solution, allowing only administrators to view the physical storage module. There are many cases where Editors may need access, and local translators may also need to add translated container names.
It turns out that the default permissions are contained in a configurable YAML file, located here:
This fix will change the default permissions so that:
- Administrators, Contributors, Editors, and Translators can view physical storage records (via link or direct URL)
- Administrators, Editors, and Translators can browse and edit physical storage records
- Administrators and Editors can delete physical storage records
For any users who wish to restrict these permissions further, they can make local edits to the YAML file listed above.
#7 Updated by Dan Gillean 11 months ago
- Description updated (diff)
- Status changed from Code Review to Verified
- Assignee deleted (
This was also cherry-picked to stable/2.5.x in: https://github.com/artefactual/atom/commit/819666542f504e978907ad64bc6bdff718c22f36
However, since it was not included in the 2.5.2 tarball and we currently have no plans to make a 2.5.3 release before 2.6 is available, I'm leaving the Target version set to 2.6 for this one.