Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-25720

User can edit other users when he is only the Site Owner/Administrator of the organization

    Details

      Description

      Steps to reproduce:

      1. Create tow new users A and B
      2. Create a new organization with a site and assign both users as members
      3. Assign the Site Owner or Site Administrator role to user A
      4. Log in with user A and in control panel click on Users and Organizations
      5. Click on the organization to see the list of its members
      6. Click on user B to view his data
      7. Change anything and click save

      "Your request completed successfully."

      User A can edit user B's data even though he is only the admin/owner of the site but not the organization.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  6 years, 34 weeks, 6 days ago