-
Type:
Bug
-
Status: Closed
-
Resolution: Fixed
-
Affects Version/s: 7.1.X, Master
-
Fix Version/s: 7.1.10 DXP FP21, 7.1.X, 7.2.10 DXP FP10, 7.2.X, 7.3.X, Master
-
Component/s: Forms
-
Branch Version/s:7.3.x, 7.2.x, 7.1.x
-
Backported to Branch:Committed
-
Fix Priority:4
-
Git Pull Request:
Steps to reproduce:
- Create a new role defining just the next permission: Site Administration -> Content & Data -> Forms -> General Permissions ->Access in Site Administration. See attached the resulting permissions summary.
- Create a new user and assign it the previous role.
- Set the user as member of Liferay DXP site.
- Add a new form 'test'.
- Log in with the new user.
- Access to Site Admin -> Content & Data -> Forms.
Expected result: user should not be able to select a form to be deleted.
Actual result: user can select a form from the list and try to delete it.
The delete operation will not complete, but the user should not have this option since it has no permission.
This is the same for Element Sets and Data Providers.