Red Hat Bugzilla – Bug 111030
missing CMS folder/item permission checks
Last modified: 2007-04-18 12:59:49 EDT
Description of problem:
On the CMS browse pane, the folder tree has permission filtering on
PREVIEW permissions, so that users won't see folders they have no
permission on. However, the item list does not have the same filtering
In addition, direct navigation to a folder (via the item page, etc.
using the set_folder URL var) needs permission checks.
Also, the item admin page should check user permissions.
London change #38322 resolves the above three issues, in addition to
adding a soft-deletion check to the item admin page to prevent an
unchecked exception from being thrown when attempting to generate the
admin page for a soft-deleted item.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.navigate to a folder with a non-admin user which has private
subfolders (which the user has no access to)
2.the private folders will be missing on the folder tree but shown in
the brows pane