[LPS-40580] User can view details of User Groups that he can't manage - Liferay Issues

Details

Type: Bug
Status: Closed
Resolution: Fixed
Affects Version/s: 6.0.X EE
Fix Version/s: 6.0.X EE
Component/s: User Management, User Management > Roles
Labels:
- QA-KC
- QA-R
- ee-ts

Branch Version/s:

6.0.x
Backported to Branch:

Committed
Story Points:
2
Fix Priority:
4
Git Pull Request:
https://github.com/dustinryerson/liferay-portal-ee/pull/147

Description

Steps to reproduce-

Create a Regular Role (RR) with permission User Groups Access in Control Panel
Create an user1, and add the role.
Create an user2, and user3
Create an organization Org, and add user1 and user2 to the Org
Create an User Group: UG , and add user2 and user3 to the UG
As user1, go to Control Panel > User Groups

Result: User can view UG and a link over the UG and the action "View members". After view members he can view the user2 in the list ( user2 belongs to the same Org )

Expected: User can view the UG but no action can be performed over it, he doesn't have any permission over the group.

Attachments

Issue Links

is related to

LPS-40578 User can view not allowed User Groups

Closed

Activity

People

Assignee:

Lu Liu

Reporter:

Jose Jimenez

Participants of an Issue:

Jose Jimenez, Lu Liu

Recent user:

Esther Sanz

Votes:

0 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

25/Sep/13 6:51 AM

Updated:

13/Nov/14 3:08 AM

Resolved:

30/Sep/13 2:43 PM

Days since last comment:

5 years, 33 weeks, 1 day ago