From Bugzilla Helper: User-Agent: Mozilla/5.0 Galeon/1.2.9 (X11; Linux i686; U;) Gecko/20030314 Description of problem: When assigning permissions to objects, the forms 'appear' to silently fail if the user is already inheriting the permission, either through the object context hierarchy, or the privilege implications hierarchy. For example: * Attempting to assign 'Administrator Account' as the admin for a role in CMS 'fails' because the SWA already has admin across the whole site. However, if you assign the user as a role admin & then make them a SWA there are no problems. * Manipulating folder permissions. If the user already has 'create item' privilege, then it is impossible to explicitly turn on 'edit item'. However, if they are assigned in the other order (ie edit, then create) it works fine. The problem appears to be that PermissionManager#grantPermission has the following check: boolean hasPermission = checkPermission(universalPermission, isUser); if (hasPermission) { return true; } The intent was obviously to avoid redundant privilege grants, but as the two examples above illustrate, this is impossible & leads to very confusing user interfaces / interactions. The check in in grantPermission should probably be changed to only check for an exact match of the 'object,party,privilege' triplet. ie ignore the object context & privilege implications heirarchies. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Go into the content section 2. Go to the roles tab 3. Add 'administrator account' as the role admin Actual Results: Nothing happens. Expected Results: The administrator is assigned as role admin. Additional info:
QA_READY has been deprecated in favor of ON_QA. Please use ON_QA in the future. Moving to ON_QA.
Closing old tickets