Bug 31244 - AC live: Authoring node - world credential cannot be deleted
Summary: AC live: Authoring node - world credential cannot be deleted
Status: NEW
Alias: None
Product: Lenya
Classification: Unclassified
Component: Access Control (show other bugs)
Version: 1.2
Hardware: PC Windows XP
: P3 normal
Target Milestone: 1.2.6
Assignee: Lenya Developers
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-09-15 14:23 UTC by Simon Dutil
Modified: 2009-06-10 13:34 UTC (History)
1 user (show)



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Simon Dutil 2004-09-15 14:23:33 UTC
For the authoring section, the access right "world ( the world )" is defined in 
the Ac live tab.  Right next to it, there is a delete button but clicking on it 
have no effects!

Having "the world" defined at that level is preventing users from using the 
access controler feature for the live section.  Even if a group is added to 
restrict access to a page, anyone is still allowed to visit it.

This issue can be fixed by removing <ac:world>...</ac:world> directly from
subtree-policy.acml file located in 
\\lenya\lenya\pubs\$myPub\config\ac\policies\live
Comment 1 Gregor J. Rothfuss 2004-10-29 02:41:50 UTC
andreas,

is this a design decision?
Comment 2 Andreas Hartmann 2004-10-29 07:49:39 UTC
Yes, this is by design.

<quote>
Even if a group is added to  restrict access to a page, anyone is still allowed
to visit it.
</quote>

If this is really the case, it is a bug. Adding a user/group/ip-range on AC live
should restrict access to this accreditable.
Comment 3 J 2006-05-02 17:12:34 UTC
what is the status of this issue?
Comment 4 Mark Thomas 2009-06-10 13:34:55 UTC
Reset assignee so e-mail goes to list