Uploaded image for project: 'Opencast'
  1. MH-8524

Public access discriptor is deceptive

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed and reviewed
    • Affects versions: 1.3
    • Fix versions: 1.3
    • Labels:
      None
    • Severity:
      Incorrectly Functioning With Workaround
    • Steps to reproduce:
      Hide
      When editing the ACL for a series there is a selector for:

      Public (no authorization required)

      The rights given by this are slightly deceptive and will lead to unexpected consequences for Administrators as it grants the ROLE_ANONYMOUS access to the series. As a result ordinary authenticated users won't see the recordings as they don't have the ROLE_ANONYMOUS

      either the permission check needs to change so that ROLE_USERS can see these or that label needs to be more specific. I suggest the former (that role_anon grants rights to role_user)
      Show
      When editing the ACL for a series there is a selector for: Public (no authorization required) The rights given by this are slightly deceptive and will lead to unexpected consequences for Administrators as it grants the ROLE_ANONYMOUS access to the series. As a result ordinary authenticated users won't see the recordings as they don't have the ROLE_ANONYMOUS either the permission check needs to change so that ROLE_USERS can see these or that label needs to be more specific. I suggest the former (that role_anon grants rights to role_user)

      TestRail: Results

        Attachments

          Issue links

            Activity

              People

              • Assignee:
                twunden Tobias Wunden
                Reporter:
                dhorwitz David Horwitz
              • Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  TestRail: Cases