-
Type:
Bug
-
Status: Closed
-
Resolution: Fixed
-
Affects Version/s: 7.0.X EE, Master
-
Fix Version/s: 7.0.0 DXP FP13, 7.0.0 DXP SP3, 7.0.3 CE GA4, 7.0.X EE, 7.1.X, Master
-
Component/s: Legacy, Legacy > Organizations Admin
-
Branch Version/s:7.0.x
-
Backported to Branch:Committed
-
Fix Priority:4
-
Git Pull Request:
Background
Liferay permits Organization Administrator rights at all levels of an organization's hierarchy. For example, if we have an overarching parent site, we can assign an Organization Administrator at this level. Next, if we have a child site underneath the parent site, we can assign an Organization Administrator at this level. The problem is that users who are assigned Organization Administrator at the child level only have the authority to view their respective child organization sites. They do not have the authority to make any administrative changes to their respective child organization site.
Steps to Reproduce
- Start Liferay DXP + DE-11
- Sign in as [email protected]
- In Control Panel -> Users - > Create a new organization called parentOrg, and create a new Private Page of organization site with the Community site template
- In Control Panel -> Users - > Click on parentOrg and add a Child Organization called childOrg
- Under the Child Organization Create a new Private Page of organization site with the Community site template
- In Control Panel -> Users -> create a new user called [email protected], and grant organization assignment to parentOrg and grant Organization Administrator to the parentOrg level.
- In Control Panel -> Users -> create a new user called [email protected], and grant organization assignment to childOrg and grant Organization Administrator to the childOrg level.
- In one browser, log in as [email protected], and open the product menu in the parentOrg site, and then the childOrg sites. In another browser log in as [email protected], and open the product menu in the parentOrg site, and then the childOrg sites.
Actual Behavior
- Parent User
- Parent Org Site -> has administrator privileges
- Child Org Site -> has administrator privileges
- Child User
- Parent Org Site -> View rights only
- Child Org Site -> View rights only
Expected Behavior
- Parent User
- Parent Org Site -> has administrator privileges
- Child Org Site -> has administrator privileges
- Child User
- Parent Org Site -> View rights only
- Child Org Site -> has administrator privileges
Reproduced in
Liferay DXP + DE-11
ee-7.0.x (aabdce50c6752a338ddc01b47a4f496dedcf444d)
master (f8c4fbf9f33adb85e508dfe6b248420f152e63cb)