Bug #13169

Editors and translators should be able to access the physical storage module

Added by Dan Gillean about 1 month ago. Updated 16 days ago.

Status:VerifiedStart date:09/10/2019
Priority:MediumDue date:
Assignee:-% Done:

0%

Category:User management
Target version:Release 2.5.3
Google Code Legacy ID: Tested version:2.5
Sponsored:No Requires documentation:Yes

Description

In the 2.4 release, we discovered some inconsistencies in the default permissions, and that authenticated users who were not part of any group could access modules they should not be able to view. We corrected many of these in issue #11075.

However, in that fix, we implemented too extreme a solution, allowing only administrators to view the physical storage module. There are many cases where Editors may need access, and local translators may also need to add translated container names.

It turns out that the default permissions are contained in a configurable YAML file, located here:

This fix will change the default permissions so that:

  • Administrators, Contributors, Editors, and Translators can view physical storage records (via link or direct URL)
  • Administrators, Editors, and Translators can browse and edit physical storage records
  • Administrators and Editors can delete physical storage records

For any users who wish to restrict these permissions further, they can make local edits to the YAML file listed above.

History

#1 Updated by Dan Gillean about 1 month ago

  • Status changed from New to Code Review
  • Assignee changed from Dan Gillean to David Juhasz

#2 Updated by David Juhasz about 1 month ago

  • Assignee changed from David Juhasz to Dan Gillean

I've requested a change on the PR. :)

#3 Updated by Dan Gillean about 1 month ago

  • Description updated (diff)

#4 Updated by Dan Gillean about 1 month ago

  • Assignee changed from Dan Gillean to David Juhasz

Round 2!

#5 Updated by David Juhasz about 1 month ago

  • Assignee changed from David Juhasz to Dan Gillean

Dan, back to you with Round 2 of feedback. :)

#6 Updated by Dan Gillean about 1 month ago

  • Description updated (diff)
  • Assignee changed from Dan Gillean to David Juhasz

#7 Updated by Dan Gillean about 1 month ago

  • Description updated (diff)
  • Status changed from Code Review to Verified
  • Assignee deleted (David Juhasz)

Merged into 2.6 in: https://github.com/artefactual/atom/commit/378a77feb80ea9040ad4057fe1388dc6d552a7b3

This was also cherry-picked to stable/2.5.x in: https://github.com/artefactual/atom/commit/819666542f504e978907ad64bc6bdff718c22f36

However, since it was not included in the 2.5.2 tarball and we currently have no plans to make a 2.5.3 release before 2.6 is available, I'm leaving the Target version set to 2.6 for this one.

#8 Updated by Dan Gillean 16 days ago

  • Target version changed from Release 2.6.0 to Release 2.5.3

Also available in: Atom PDF