Project

General

Profile

bug #7541

Insufficient rights lead to missing focus in name editor

Added by Patrick Plitzner over 1 year ago. Updated about 1 month ago.

Status:
Closed
Priority:
Highest
Assignee:
Category:
taxeditor
Target version:
Start date:
07/10/2018
Due date:
% Done:

50%

Severity:
major
Found in Version:

Description

WGB:

wir haben angefangen die Iresines einzugeben. Auf Sophias Rechner traten dabei merkwürdige Fehler auf, und zwar konnte sie den Cursor im NameEditor nicht setzen – das Fenster bekam zwar den Fokus (es wurden Details der letzten Auswahl angezeigt), aber nicht für Eingaben, der blieb auf dem Search bzw. Navigator stehen. Durch hin-und herschalten zwischen den Fenstern bekam man den Cursor dann irgendwann hin. Aber nach Ändern eines Eintrags und Safe gab’s den u.a. Fehler.

Das mit dem Cursor lag eventuell daran, dass die Rechte nicht stimmten. ...


WGB:

das mit dem fehlenden Fokus im NameEditor tritt häufiger auf – nach einiger Zeit kann man Einträge nicht mehr auswählen.


login : s.wutke

editor version : 5.1.2

server : api.cybertaxonomy.org (cybertaxonomy.org) / caryophyllales_spp

schema version : 5.0.0.0.20180514

os : Windows 7 6.1 amd64

java : 1.8.0_161

org.eclipse.e4.core.di.InjectionException: org.springframework.orm.hibernate5.HibernateSystemException: [UPDATE] not permitted for 's.wutke' on Reference[uuid:5afae854-cd2b-43ed-99b3-073345adc904', toString:'Reference [type=Article, id= 20358, uuid=5afae854-cd2b-43ed-99b3-073345adc904]']; nested exception is eu.etaxonomy.cdm.database.PermissionDeniedException: [UPDATE] not permitted for 's.wutke' on Reference[uuid:5afae854-cd2b-43ed-99b3-073345adc904', toString:'Reference [type=Article, id= 20358, uuid=5afae854-cd2b-43ed-99b3-073345adc904]']

                at org.eclipse.e4.core.internal.di.MethodRequestor.execute(MethodRequestor.java:65)

                at org.eclipse.e4.core.internal.di.InjectorImpl.invokeUsingClass(InjectorImpl.java:282)

                at org.eclipse.e4.core.internal.di.InjectorImpl.invoke(InjectorImpl.java:247)

                at org.eclipse.e4.core.contexts.ContextInjectionFactory.invoke(ContextInjectionFactory.java:90)

                at org.eclipse.e4.ui.internal.workbench.PartServiceSaveHandler.save(PartServiceSaveHandler.java:57)

                at org.eclipse.ui.internal.WorkbenchWindow$7.save(WorkbenchWindow.java:594)

                at org.eclipse.e4.ui.internal.workbench.PartServiceImpl.savePart(PartServiceImpl.java:1390)

                at org.eclipse.e4.ui.workbench.renderers.swt.StackRenderer.closePart(StackRenderer.java:1295)

                at org.eclipse.e4.ui.workbench.renderers.swt.StackRenderer.access$2(StackRenderer.java:1278)

                at org.eclipse.e4.ui.workbench.renderers.swt.StackRenderer$7.close(StackRenderer.java:1163)

                at org.eclipse.swt.custom.CTabFolder.onMouse(CTabFolder.java:1930)

                at org.eclipse.swt.custom.CTabFolder$1.handleEvent(CTabFolder.java:338)

                at org.eclipse.swt.widgets.EventTable.sendEvent(EventTable.java:84)

                at org.eclipse.swt.widgets.Display.sendEvent(Display.java:4418)

                at org.eclipse.swt.widgets.Widget.sendEvent(Widget.java:1079)

                at org.eclipse.swt.widgets.Display.runDeferredEvents(Display.java:4236)

                at org.eclipse.swt.widgets.Display.readAndDispatch(Display.java:3824)

                at org.eclipse.e4.ui.internal.workbench.swt.PartRenderingEngine$4.run(PartRenderingEngine.java:1121)

                at org.eclipse.core.databinding.observable.Realm.runWithDefault(Realm.java:336)

                at org.eclipse.e4.ui.internal.workbench.swt.PartRenderingEngine.run(PartRenderingEngine.java:1022)

                at org.eclipse.e4.ui.internal.workbench.E4Workbench.createAndRunUI(E4Workbench.java:150)

                at org.eclipse.ui.internal.Workbench$5.run(Workbench.java:693)

                at org.eclipse.core.databinding.observable.Realm.runWithDefault(Realm.java:336)

                at org.eclipse.ui.internal.Workbench.createAndRunWorkbench(Workbench.java:610)

                at org.eclipse.ui.PlatformUI.createAndRunWorkbench(PlatformUI.java:148)

                at eu.etaxonomy.taxeditor.Application.start(Application.java:24)

                at org.eclipse.equinox.internal.app.EclipseAppHandle.run(EclipseAppHandle.java:196)

                at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:134)

                at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:104)

                at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:388)

                at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:243)

                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

                at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

                at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

                at java.lang.reflect.Method.invoke(Unknown Source)

                at org.eclipse.equinox.launcher.Main.invokeFramework(Main.java:673)

                at org.eclipse.equinox.launcher.Main.basicRun(Main.java:610)

                at org.eclipse.equinox.launcher.Main.run(Main.java:1519)

Caused by: org.springframework.orm.hibernate5.HibernateSystemException: [UPDATE] not permitted for 's.wutke' on Reference[uuid:5afae854-cd2b-43ed-99b3-073345adc904', toString:'Reference [type=Article, id= 20358, uuid=5afae854-cd2b-43ed-99b3-073345adc904]']; nested exception is eu.etaxonomy.cdm.database.PermissionDeniedException: [UPDATE] not permitted for 's.wutke' on Reference[uuid:5afae854-cd2b-43ed-99b3-073345adc904', toString:'Reference [type=Article, id= 20358, uuid=5afae854-cd2b-43ed-99b3-073345adc904]']

                at org.springframework.orm.hibernate5.SessionFactoryUtils.convertHibernateAccessException(SessionFactoryUtils.java:219)

                at org.springframework.orm.hibernate5.HibernateTransactionManager.convertHibernateAccessException(HibernateTransactionManager.java:741)

                at org.springframework.orm.hibernate5.HibernateTransactionManager.doCommit(HibernateTransactionManager.java:589)

                at org.springframework.transaction.support.AbstractPlatformTransactionManager.processCommit(AbstractPlatformTransactionManager.java:761)

                at org.springframework.transaction.support.AbstractPlatformTransactionManager.commit(AbstractPlatformTransactionManager.java:730)

                at org.springframework.transaction.interceptor.TransactionAspectSupport.commitTransactionAfterReturning(TransactionAspectSupport.java:485)

                at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:291)

                at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)

                at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

                at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:208)

                at com.sun.proxy.$Proxy1724.merge(Unknown Source)

                at sun.reflect.GeneratedMethodAccessor14988.invoke(Unknown Source)

                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

                at java.lang.reflect.Method.invoke(Method.java:498)

                at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:302)

                at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)

                at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)

                at org.springframework.remoting.support.RemoteInvocationTraceInterceptor.invoke(RemoteInvocationTraceInterceptor.java:78)

                at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

                at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:208)

                at com.sun.proxy.$Proxy1851.merge(Unknown Source)

                at sun.reflect.GeneratedMethodAccessor64729.invoke(Unknown Source)

                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

                at java.lang.reflect.Method.invoke(Method.java:498)

                at org.springframework.remoting.support.RemoteInvocation.invoke(RemoteInvocation.java:212)

                at org.springframework.remoting.support.DefaultRemoteInvocationExecutor.invoke(DefaultRemoteInvocationExecutor.java:39)

                at org.springframework.remoting.support.RemoteInvocationBasedExporter.invoke(RemoteInvocationBasedExporter.java:78)

                at org.springframework.remoting.support.RemoteInvocationBasedExporter.invokeAndCreateResult(RemoteInvocationBasedExporter.java:114)

                at org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter.handleRequest(HttpInvokerServiceExporter.java:74)

                at org.springframework.web.servlet.mvc.HttpRequestHandlerAdapter.handle(HttpRequestHandlerAdapter.java:51)

                at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)

                at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)

                at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:969)

                at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:871)

                at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)

                at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:845)

                at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)

                at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:808)

                at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1669)

                at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:316)

                at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)

                at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)

                at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)

                at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)

                at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)

                at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:122)

                at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)

                at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:169)

                at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)

                at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:48)

                at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)

                at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:213)

                at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

                at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)

                at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120)

                at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)

                at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)

                at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

                at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)

                at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)

                at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)

                at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53)

                at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

                at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)

                at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)

                at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)

                at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)

                at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)

                at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)

                at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:121)

                at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

                at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)

                at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)

                at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)

                at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)

                at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)

                at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)

                at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)

                at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)

                at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)

                at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)

                at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)

                at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)

                at org.eclipse.jetty.server.Server.handle(Server.java:497)

                at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:310)

                at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)

                at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:540)

                at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)

                at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)

                at java.lang.Thread.run(Thread.java:745)

                at org.springframework.remoting.support.RemoteInvocationUtils.fillInClientStackTraceIfPossible(RemoteInvocationUtils.java:45)

                at org.springframework.remoting.support.RemoteInvocationResult.recreate(RemoteInvocationResult.java:149)

                at org.springframework.remoting.support.RemoteInvocationBasedAccessor.recreateRemoteInvocationResult(RemoteInvocationBasedAccessor.java:85)

                at org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.invoke(HttpInvokerClientInterceptor.java:150)

                at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

                at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:208)

                at com.sun.proxy.$Proxy51.merge(Unknown Source)

                at eu.etaxonomy.taxeditor.editor.e4.TaxonEditorInputE4.merge(TaxonEditorInputE4.java:367)

                at eu.etaxonomy.taxeditor.editor.name.e4.TaxonNameEditorE4.save(TaxonNameEditorE4.java:397)

                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

                at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

                at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

                at java.lang.reflect.Method.invoke(Unknown Source)

                at org.eclipse.e4.core.internal.di.MethodRequestor.execute(MethodRequestor.java:55)

                ... 37 more

Caused by: eu.etaxonomy.cdm.database.PermissionDeniedException: [UPDATE] not permitted for 's.wutke' on Reference[uuid:5afae854-cd2b-43ed-99b3-073345adc904', toString:'Reference [type=Article, id= 20358, uuid=5afae854-cd2b-43ed-99b3-073345adc904]']

                at eu.etaxonomy.cdm.persistence.hibernate.CdmSecurityHibernateInterceptor.checkPermissions(CdmSecurityHibernateInterceptor.java:196)

                at eu.etaxonomy.cdm.persistence.hibernate.CdmSecurityHibernateInterceptor.onFlushDirty(CdmSecurityHibernateInterceptor.java:124)

                at org.hibernate.event.internal.DefaultFlushEntityEventListener.invokeInterceptor(DefaultFlushEntityEventListener.java:348)

                at org.hibernate.event.internal.DefaultFlushEntityEventListener.handleInterception(DefaultFlushEntityEventListener.java:325)

                at org.hibernate.event.internal.DefaultFlushEntityEventListener.scheduleUpdate(DefaultFlushEntityEventListener.java:276)

                at org.hibernate.event.internal.DefaultFlushEntityEventListener.onFlushEntity(DefaultFlushEntityEventListener.java:143)

                at org.hibernate.event.internal.AbstractFlushingEventListener.flushEntities(AbstractFlushingEventListener.java:216)

                at org.hibernate.event.internal.AbstractFlushingEventListener.flushEverythingToExecutions(AbstractFlushingEventListener.java:85)

                at org.hibernate.event.internal.DefaultFlushEventListener.onFlush(DefaultFlushEventListener.java:38)

                at org.hibernate.internal.SessionImpl.flush(SessionImpl.java:1282)

                at org.hibernate.internal.SessionImpl.managedFlush(SessionImpl.java:465)

                at org.hibernate.internal.SessionImpl.flushBeforeTransactionCompletion(SessionImpl.java:2963)

                at org.hibernate.internal.SessionImpl.beforeTransactionCompletion(SessionImpl.java:2339)

                at org.hibernate.engine.jdbc.internal.JdbcCoordinatorImpl.beforeTransactionCompletion(JdbcCoordinatorImpl.java:485)

                at org.hibernate.resource.transaction.backend.jdbc.internal.JdbcResourceLocalTransactionCoordinatorImpl.beforeCompletionCallback(JdbcResourceLocalTransactionCoordinatorImpl.java:147)

                at org.hibernate.resource.transaction.backend.jdbc.internal.JdbcResourceLocalTransactionCoordinatorImpl.access$100(JdbcResourceLocalTransactionCoordinatorImpl.java:38)

                at org.hibernate.resource.transaction.backend.jdbc.internal.JdbcResourceLocalTransactionCoordinatorImpl$TransactionDriverControlImpl.commit(JdbcResourceLocalTransactionCoordinatorImpl.java:231)

                at org.hibernate.engine.transaction.internal.TransactionImpl.commit(TransactionImpl.java:65)

                at org.springframework.orm.hibernate5.HibernateTransactionManager.doCommit(HibernateTransactionManager.java:581)

                ... 138 more

Related issues

Related to Edit - feature request #8239: Rights issues in TaxEditor New 04/11/2019
Copied to Edit - bug #7603: Changing a user group does not work as expected Closed 07/30/2018

Associated revisions

Revision 86a05229 (diff)
Added by Katja Luther about 1 year ago

ref #7541: fix permission handling in name editor

History

#1 Updated by Patrick Plitzner over 1 year ago

  • Description updated (diff)

#2 Updated by Andreas Müller over 1 year ago

  • Tags set to euro+med
  • Target version changed from Unassigned CDM tickets to Release 5.2
  • Severity changed from normal to major

we should urgently address the rights issues in taxeditor. Otherwise soon all users that should have limited rights will have admin rights.

#3 Updated by Andreas Müller over 1 year ago

  • Copied to bug #7603: Changing a user group does not work as expected added

#4 Updated by Andreas Müller over 1 year ago

  • Description updated (diff)

moved the second part of the description to a new ticket: #7603

#5 Updated by Andreas Müller over 1 year ago

  • Target version changed from Release 5.2 to Release 5.3

#6 Updated by Katja Luther over 1 year ago

  • Target version changed from Release 5.3 to Release 5.4

#7 Updated by Katja Luther about 1 year ago

the missing possibility to set the focus on the name editor was because of a wrong permission check.

#8 Updated by Katja Luther about 1 year ago

  • Status changed from New to In Progress
  • % Done changed from 0 to 40

#9 Updated by Andreas Müller about 1 year ago

  • Target version changed from Release 5.4 to Release 5.5

#10 Updated by Andreas Müller 10 months ago

  • Target version changed from Release 5.5 to Release 5.6

#11 Updated by Katja Luther 10 months ago

  • Priority changed from New to Highest

#12 Updated by Katja Luther 8 months ago

  • Status changed from In Progress to Resolved
  • Assignee changed from Katja Luther to Patrick Plitzner

The problem of this ticket is solved. With rem_conf_am and the nightly editor I could not reproduce the missing focus.

#13 Updated by Katja Luther 8 months ago

  • Assignee changed from Patrick Plitzner to Andreas Müller

#14 Updated by Andreas Müller 8 months ago

  • Assignee changed from Andreas Müller to Patrick Plitzner

please do first review on nightly

#15 Updated by Patrick Plitzner 8 months ago

  • Assignee changed from Patrick Plitzner to Andreas Müller
  • % Done changed from 40 to 50

I tested on nightly and rem_conf_am:

  • Created a user "noTaxon" and a group "rightless" with two authorities ROLE_PROJECT_MANAGER and TAXONNAME.[]
  • Logged in with user and opened a taxon
  • It was not possible to click inside the name editor but nothing unusual happened
  • It was possible to edit the taxon in the details view but saving did not work due to restricted rights

#16 Updated by Andreas Müller 8 months ago

  • Status changed from Resolved to Feedback
  • Assignee changed from Andreas Müller to Katja Luther

Hmm, can someone explain what the expected behavior is? To me it sounds strange that the name editor is not editable but the details view is editable.

Which rights does a user need to allow this?

Also it looks like the user can create a fact in facts view (but not editing it or only the time scope, etc.). Shouldn't the creation of a fact be forbidden already? (This is maybe only a related issue).

#17 Updated by Katja Luther 8 months ago

Andreas Müller wrote:

Hmm, can someone explain what the expected behavior is? To me it sounds strange that the name editor is not editable but the details view is editable.

Which rights does a user need to allow this?

Also it looks like the user can create a fact in facts view (but not editing it or only the time scope, etc.). Shouldn't the creation of a fact be forbidden already? (This is maybe only a related issue).

The user is not allowed to save the changes. But the UI should not allow to create or update facts or anything else if he/she is not allowed. I think there is a ticket already.

#18 Updated by Andreas Müller 8 months ago

Katja Luther wrote:

Andreas Müller wrote:

Hmm, can someone explain what the expected behavior is? To me it sounds strange that the name editor is not editable but the details view is editable.

Which rights does a user need to allow this?

Also it looks like the user can create a fact in facts view (but not editing it or only the time scope, etc.). Shouldn't the creation of a fact be forbidden already? (This is maybe only a related issue).

The user is not allowed to save the changes. But the UI should not allow to create or update facts or anything else if he/she is not allowed. I think there is a ticket already.

Can you try to link the ticket. Or if it not yet exists create a new one. Correct handling of rights will become an important issue soon so we should try to handle (or at least document all problems) soon.

#19 Updated by Andreas Müller 8 months ago

So do I understand correctly that this ticket is only about setting the focus in name editor and not about the other rights issues? Then we can close the ticket (but at least for the details view issue should have another high priority ticket). Also we should rename it to make the focus of the ticket clearer.

#20 Updated by Katja Luther 8 months ago

#21 Updated by Katja Luther 8 months ago

  • Subject changed from Insufficient rights lead to corrupted UI handling to Insufficient rights lead to missing focus in name editor
  • Status changed from Feedback to Closed

the details view issues are now handled in #8239

#22 Updated by Andreas Kohlbecker about 1 month ago

  • Tags changed from euro+med to euro+med, permission

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 40 MB)