bug #8443
opena user with only rights on a subtree can edit taxa and names of another subtree
0%
Description
the user with rights on a subtree is able to edit taxa outside the defined subtree. The only limitation is creation and deleting of nodes.
Updated by Katja Luther over 3 years ago
- Subject changed from a user with only rights on a subtree can edit a name not used in subtree (bulkeditor) to a user with only rights on a subtree can edit taxa and names of another subtree
- Description updated (diff)
- Category changed from cdmlib to taxeditor
- Assignee changed from Andreas Müller to Katja Luther
Updated by Andreas Müller over 3 years ago
is this only an UI issue or is it also a cdmlib-security issue?
Updated by Katja Luther over 3 years ago
Andreas Müller wrote:
is this only an UI issue or is it also a cdmlib-security issue?
I think this is also a cdmlib security issue. Actually I work on the implementation in the Editor, but I think this needs also checked on cdmlib side.
Updated by Andreas Kohlbecker over 3 years ago
As far as I understand the problem, we need to implement the furtherVotingDescisions(CdmAuthority CdmAuthority, TargetEntityStates targetEntityStates, Collection<ConfigAttribute> attributes, in TaxonBaseVoter so that the permissions on the TaxonNodes is always taken into account.
ValidationResult validationResult)
Problems can arise when deciding on a Taxon for which the TaxonNodes are not yet initialized in this case the required information needs to be loaded from the db first. Maybe we can directly delegate the decision to the TaxonNodeVoter by calling its vote() and furtherVotingDescisions() methods properly.