Details
-
Type:
Story
-
Status: Closed
-
Priority:
Major
-
Resolution: Done
-
Affects Version/s: None
-
Fix Version/s: integrated-0.5
-
Component/s: None
-
Labels:
Description
Current situation
- Any user can be assigned to a content item, also when he does not have access to it. In that case the user will have the content in his assigned list, but is unable to open the content.
Desired situation
- When the current user is assigned to a content item he must have WRITE rights to it, also if he doesn't have it because of the workflow state rights.
Required change
I think the change must be made in integrated\workflow-bundle\Security\WorkflowVoter.php
How to prepare the WorkFlowBundle to reproduce the problem
Configuration:
- Make sure you install the WorkFlowBundle first: https://bitbucket.org/eactive/integrated-workflow-bundle/overview
- Go to Manage - Workflow. Add a new workflow. The new workflow needs a name and some states. For example: Draft and Published. One state needs to be the default. Write permissions for the default state need to be available for specific groups only.
- Go to the menu: Manage - Content types. Edit a content type. Choose the Workflow you just created for this content type.
- Create content and assign a user.
- Note: workflow configuration is saved in ORM (mysql)
Attachments
Issue links
- relates to
-
-
- Closed
-
