Bug #9761

Authenticated users (that aren't editors) can edit accessions

Added by Mike Gale about 6 years ago. Updated over 5 years ago.

Status:VerifiedStart date:04/29/2016
Priority:HighDue date:
Assignee:David Juhasz% Done:

0%

Category:Accessions
Target version:Release 2.3.0
Google Code Legacy ID: Tested version:2.2, 2.3
Sponsored:No Requires documentation:

Description

To reproduce:
  1. Create an accession and note its URL
  2. Create an authenticated user (no other groups)
  3. Login as the authenticated user
  4. Go to the accession URL in step one

Result: The user has the ability to view the accession and even edit it
Expected result: Authenticated users by default shouldn't be allowed to view or edit accessions


Related issues

Related to Access to Memory (AtoM) - Bug #9419: Editor permissions to edit PREMIS rights statements incon... Verified 02/09/2016

History

#1 Updated by Mike Gale about 6 years ago

  • Related to Bug #9419: Editor permissions to edit PREMIS rights statements inconsistent between accessions and archival descriptions added

#2 Updated by Mike Gale about 6 years ago

  • Private changed from Yes to No

#3 Updated by Mike Gale about 6 years ago

  • Status changed from New to QA/Review
  • Assignee changed from Mike Gale to Dan Gillean

#4 Updated by Evelyn McLellan about 6 years ago

  • Status changed from QA/Review to Verified

#5 Updated by David Juhasz over 5 years ago

  • Status changed from Verified to Document

This change has restricted access to accessions to the Editor and Administrator user groups.

This change should be updated in the documentation:

#6 Updated by David Juhasz over 5 years ago

  • Assignee changed from Dan Gillean to David Juhasz

#7 Updated by Dan Gillean over 5 years ago

  • Requires documentation set to Yes

#9 Updated by Dan Gillean over 5 years ago

  • Status changed from Document to Verified

Also available in: Atom PDF