Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-31791

SIte/Organization Administrator can remove role or membership for other Administrators or Owners user from Site/Organization

    Details

    • Branch Version/s:
      6.1.x, 6.0.x
    • Backported to Branch:
      Committed
    • Story Points:
      8
    • Fix Priority:
      4

      Description

      Using the Manage Site Memberships UI, a user having only the Site/Organization Administrator role can remove a user with the Site/Organizator Owner role from the site.

      The expected behavior is that Onwers should be protected from regular Administrators. Specifically the following rules must be met.
      1) A Site/Organization Administrator cannot delete the membership of any other Administrator or Owner.
      2) A Site/Organization Administrator cannot remove the Site/Organization Administrator or Owner role of other administrators/owners.
      3) A Site/Organization Owner can delete the membership or remove the roles from any other administrator or owner.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  4 years, 20 weeks, 4 days ago