Uploaded image for project: 'jBPM'
  1. jBPM
  2. JBPM-5682

[Security management] Disabled assets can be edited

    Details

    • Sprint:
      2017 Week 40-41-42
    • Steps to Reproduce:
      Hide
      1. Create 2 projects. (Authoring -> Project Authoring)
      2. Create an asset (drl file, data object, etc.) in the second project. Let the asset open.
      3. Disable access to the second project (Home -> Admin -> Roles -> admin -> Projects -> Add exception)
      4. Save changes and refresh your browser.
      5. Open Project Authoring.
      6. Asset can be edited
      Show
      Create 2 projects. (Authoring -> Project Authoring) Create an asset (drl file, data object, etc.) in the second project. Let the asset open. Disable access to the second project (Home -> Admin -> Roles -> admin -> Projects -> Add exception) Save changes and refresh your browser. Open Project Authoring. Asset can be edited
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      If you disable a project / repository / org. unit. access but an asset remains open, it is still possible to make some changes, delete it, etc.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  paulovmr Paulo Rego
                  Reporter:
                  tomasdavidorg Tomas David
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: