-
Type:
Bug
-
Status: Resolved
-
Priority:
Major
-
Resolution: Won't Do
-
Affects Version/s: 9.10
-
Fix Version/s: None
-
Component/s: Web UI
-
Epic Link:
-
Backlog priority:600
-
Upgrade notes:
-
Team:UI
-
Sprint:nxGang Sprint 11.1.14, UI - 2020-08
Our elements check grouped permissions whereas it should check atomic permissions.
For instance, our nuxeo-document-form-button.html relies on:
this.hasPermission(doc, 'Write')
to be available whereas it should check the WriteProperties atomic permission.
As a direct result, a custom grouped permissions including WriteProperties will not make the edit button available.
We have many other use cases that may require a review (including in nuxeo-elements, probably another ELEMENTS JIRA ticket will be needed).
~/workspace/nuxeo-web-ui$ find elements/ -name "*.js" | xargs grep "'Write'" elements/nuxeo-document-creation/nuxeo-document-creation-behavior.js: document.contextParameters.permissions.indexOf('Write') > -1 || elements/search/nuxeo-saved-search-actions.js: ? this.searchDoc.contextParameters.permissions.indexOf('Write') > -1 || elements/nuxeo-results/nuxeo-document-content-behavior.js: return doc && this.hasPermission(doc, 'Write'); elements/nuxeo-document-bulk-actions/nuxeo-untrash-documents-button.js: * Checks if a single given document has 'Write' permission elements/nuxeo-document-bulk-actions/nuxeo-untrash-documents-button.js: return this.hasPermission(document, 'Write'); elements/nuxeo-document-bulk-actions/nuxeo-delete-documents-button.js: * Checks if a single given document has 'Everything' permission to delete or 'Write' to trash elements/nuxeo-document-bulk-actions/nuxeo-delete-documents-button.js: return this.hasPermission(document, 'Everything') || (!this.hard && this.hasPermission(document, 'Write')); elements/nuxeo-document-attachments/nuxeo-document-attachments.js: doc && this.hasPermission(doc, 'Write') && !this.isImmutable(doc) && doc.type !== 'Root' && !this.isTrashed(doc) elements/nuxeo-note-editor/nuxeo-note-editor.js: return document.type !== 'Root' && this.hasPermission(document, 'Write') && this._isMutable(document); elements/document/nuxeo-collapsible-document-page.js: readonly="[[!hasPermission(document, 'Write')]]" elements/nuxeo-document-actions/nuxeo-replace-blob-button.js: this.hasPermission(doc, 'Write') && elements/nuxeo-document-actions/nuxeo-document-form-button.js: return doc && doc.type !== 'Root' && this.hasPermission(doc, 'Write') && this._isMutable(doc); elements/nuxeo-publication/nuxeo-unpublish-button.js: return this.document && this.document.isProxy && this.hasPermission(this.document, 'Write'); elements/nuxeo-publication/nuxeo-document-publications.js: return doc && this.hasPermission(doc, 'Write'); elements/nuxeo-document-versions/nuxeo-document-versions.js: const permission = !this.isVersion(doc) && this.hasFacet(doc, 'Versionable') && this.hasPermission(doc, 'Write'); elements/nuxeo-document-versions/nuxeo-document-create-version.js: return !this.isVersion(doc) && this.hasFacet(doc, 'Versionable') && this.hasPermission(doc, 'Write'); elements/nuxeo-document-create-button/nuxeo-document-create-button.js: document.contextParameters.permissions.indexOf('Write') > -1 || elements/nuxeo-document-viewer/nuxeo-document-viewer.js: doc && this.hasPermission(doc, 'Write') && !this.isImmutable(doc) && doc.type !== 'Root' && !this.isTrashed(doc) elements/nuxeo-document-info-bar/nuxeo-document-info-bar.js: <template is="dom-if" if="[[!hasPermission(document, 'Write')]]"> elements/nuxeo-document-info-bar/nuxeo-document-info-bar.js: <template is="dom-if" if="[[hasPermission(document, 'Write')]]">
- depends on
-
-
- Resolved
-
- is related to
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
- is required by
-
-
- Open
-
