Actions
Bug #16538
closed
workbench 2 should not allow sharing "write" or "manage" to all users group
Status:
Rejected
Priority:
Normal
Assigned To:
-
Category:
Workbench2
Target version:
-
Story points:
-
Related issues
Updated by Tom Clegg almost 4 years ago
One known example where the current user's UUID is missing from writable_by:
- user A creates a collection and shares (read+write) with the "all users" role group
- user B gets the collection
- user B's uuid is missing from writable_by
This is correct because the collection is not, in fact, writable by user B. The "all users" role membership (added by user setup) is read-only.
Updated by Tom Clegg almost 4 years ago
Since this seems to be the only known case, it seems the real bug is that "share R+W with All Users" just doesn't do what it sounds like, because the "All Users" role is a special role that intentionally behaves differently from other roles (multi-tenant means users can't necessarily see one another merely because they have been setup).
The solution may be to prevent Workbench from offering to share with the special All Users role beyond read-only.
Updated by Tom Clegg almost 4 years ago
- Related to Idea #15372: Revise group permissions to separate them from permissions on managed objects added
Updated by Peter Amstutz almost 4 years ago
- Target version changed from 2020-07-01 Sprint to 2020-07-15
Updated by Tom Clegg almost 4 years ago
- Target version changed from 2020-07-15 to 2020-08-12 Sprint
Updated by Peter Amstutz over 3 years ago
- Target version changed from 2020-08-12 Sprint to 2020-08-26 Sprint
Updated by Tom Clegg over 3 years ago
- Target version changed from 2020-08-26 Sprint to 2020-09-09 Sprint
Updated by Peter Amstutz over 3 years ago
- Subject changed from current user appears in writable_by if user can actually write to the project to workbench should not allow sharing "write" or "manage" to all users group
Updated by Peter Amstutz over 3 years ago
- Category changed from API to Workbench2
- Subject changed from workbench should not allow sharing "write" or "manage" to all users group to workbench 2 should not allow sharing "write" or "manage" to all users group
Updated by Tom Clegg over 3 years ago
- Assigned To deleted (
Tom Clegg) - Status changed from In Progress to New
Updated by Peter Amstutz over 3 years ago
- Target version changed from 2020-09-09 Sprint to 2020-09-23 Sprint
Updated by Peter Amstutz over 3 years ago
- Target version deleted (
2020-09-23 Sprint)
Actions