|
If you were logged in you would be able to see more operations.
|
|
|
| Resolution Date: |
19/Jul/05 02:31 PM
|
|
PageManager and related implementations do not enforce Page/Folder security constraints/permissions consistantly across all APIs. PageManager.getFolder() and PageManager.newPage() probably need to restrict VIEW and EDIT access assuming an end user is attempting to perform these operations as part of a site management/customization process.
Will need to review site admin portlets to ensure that tightened APIs do not hinder operation.
|
|
Description
|
PageManager and related implementations do not enforce Page/Folder security constraints/permissions consistantly across all APIs. PageManager.getFolder() and PageManager.newPage() probably need to restrict VIEW and EDIT access assuming an end user is attempting to perform these operations as part of a site management/customization process.
Will need to review site admin portlets to ensure that tightened APIs do not hinder operation.
|
Show » |
made changes - 25/May/05 08:05 AM
| Field |
Original Value |
New Value |
|
Fix Version/s
|
2.0-M3
[ 11127
]
|
|
|
Fix Version/s
|
|
2.0-M4
[ 11186
]
|
made changes - 19/Jul/05 02:31 PM
|
Status
|
Open
[ 1
]
|
Resolved
[ 5
]
|
|
Resolution
|
|
Fixed
[ 1
]
|
|
Task
Resolved
Minor
Cleanup PageManager to enforce Page/Folder security symmetrically
