Details

    • Type: Bug
    • Status: Closed
    • Resolution: Won't Fix
    • Affects Version/s: 6.2.X EE, 7.0.0 DXP SP4, 7.0.4 CE GA5, 7.0.X, Master
    • Fix Version/s: None
    • Component/s: DM > Administration
    • Labels:
      None
    • Fix Priority:
      3

      Description

      Too many default permissions for unprivileged users.

      Steps to reproduce:

      • create a new site A
      • create a page P within A, add Documents and Media portlet to page
      • create a new unprivileged user U
      • make U member of A
      • sign in as U, navigate to A
      • Upload document to Doc-Lib folder of A, Create Folder in Doc-Lib.

      Expected behavior: Upload wouldn't be offered, folders can't be created.
      Actual behavior: User has permissions to upload

      Crosscheck: As Administrator, go to Site-Admininstration/Document and Media, Choose "Home Folder Permissions" and validate that Site-Member has permissions to upload / create folder.

      On the basis of defaulting to minimal permissions, this is unexpected behavior. Modifying this behavior will require writing/deploying code that explicitly unsets those default permissions whenever a new site is created (unless I'm missing the obvious).

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                1 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  31 weeks ago