Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-144566

Cannot assign roles unless the User role has permission to view the Administrator role

    Details

      Description

      If you revoke the User's View permission on Administrator role, you cannot assign new roles.

      Steps to reproduce:

      1. Start up Liferay
      2. Log in as your administrator
      3. Create a role, call it testRole for example and give it the following permissions:
        Portal: View Control Panel Menu
        Users and Organizations: Access in Control Panel
        Users and Organizations: View
        Users and Organizations > Organization: View
        Users and Organizations > Organization: View Members
        Users and Organizations > User: Update
        Users and Organizations > User: View
      4. Under the Roles section click on the three dots next to any role (Portal content reviewer for example) -> Permissions
      5. Grant the testRole the permissions to View and Assign members
      6. Go to Control panel -> Users & Organizations -> Users
      7. Create a user (testuser1) and grant them the testRole and give it a password
      8. Create another user (doesn't require password or anything else)
      9. Log in as testuser1 (Preferably in an incognito window as we will need the administrator again)
      10. Go to Control panel ->Users and Organizations -> Users
        Checkpoint: Notice that you can grant the role to the user. Remove it and go back to the Administrator user
      11. As the administrator go to Control panel -> Roles
      12. Click on the 3 dots next to Administrator roles -> Permissions
      13. Revoke the View role from the default User role
      14. Now go back to the testuser1 account and try to give the Portal content reviewer to the other user

      Expected result: The testuser1 is still able to grant the role
      Actual result: You get the error: You do not have the required permissions

        Attachments

          Activity

            People

            Assignee:
            team-user-system-mngt Product Team User and System Mngt
            Reporter:
            istvan.sajtos Istvan Sajtos
            Participants of an Issue:
            Recent user:
            Rafaela Nascimento
            Engineering Assignee:
            Istvan Sajtos
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since last comment:
              17 weeks, 5 days ago

                Packages

                Version Package
                7.3.X
                7.4.3.9 CE GA9
                Master