-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Completed
-
Affects Version/s: 6.2 EE GA1 (6.2.10), 7.0 DE (7.0.10)
-
Fix Pack Status:Scheduled
A user may continue to have access to resources even after their permission has been removed because user permissions are not updated when GroupLocalServiceUtil.deleteRoleGroup(long, long) is called until after the cache is cleared. This issue only affects the portal if GroupLocalServiceUtil.deleteRoleGroup(long, long) is directly called. This issue does not occur if permissions is updated through the portal's UI.