Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-6687

All the sections roots are visible in the publishing table, without any respect of the security

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 5.4.1
    • Fix Version/s: 5.4.2-RC2, 5.4.2
    • Component/s: None

      Description

      In a Nuxeo with various domains, all the sections roots are listed, even if the user doesn't have the Read Permission on the content node.

      It is not a real security problem as if let unchanged, what is displayed is " Sections". But it is a problem for usability if there are hundreds of domains.

        Attachments

          Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. NXP-4635 Local Sections list (for publication) does not respect security

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. NXP-4636 Local Sections list (for publication) does not respect domain with no Section

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: