Workflow rights are not applied on the content edit page

Description

Steps

Add a (non-administrative) user in a group
Add a workflow and add it to a content type
Add a read right for the added group, but not a write right
Open a document with only read rights
Result: the user can write as well
Note: even removing the read rights allows the user the write (however the document disappears from the content navigator)

Environment

None

Deployment actions

Verify app/config/security.yml:

access_decision_manager:
strategy: unanimous

Technical tasks

None

Status

Assignee

Unassigned

Reporter

Marijn Otte

Labels

time-estimate-accepted

Client

Integrated Marijn

External issue ID

None

Follow up date

None

Code reviewer

Michael Jongman

Developer

Jeroen van Leeuwen

Plan date

None

Max. hours

None

Error message

None

Min. hours

None

Product owner

Marijn Otte

Refiner

None

Switches

None

Dev hour estimate

None

Story Points

Time tracking

8h 30m

Sprint

None

Fix versions

integrated-0.7

Due date

2017/05/19

Priority

Major

Configure