Details
-
Task
-
Status: Closed (View Workflow)
-
P3
-
Resolution: Done
-
None
-
customfield_11100 48145
-
ACQ Sprint 117
-
1
-
Thunderjet
-
R2 2021 Bugfix
Description
Summary: The permission-set settings.acquisition-units.enabled is misleadingly named; it also grants write-access via .all permissions:
92 { 93 "permissionName": "settings.acquisition-units.enabled", 94 "displayName": "Settings (acquisition units): display list of settings pages", 95 "subPermissions": [ 96 "settings.enabled", 97 "users.collection.get", 98 "usergroups.collection.get", 99 "acquisitions-units.units.all", 100 "acquisitions-units.memberships.all" 101 ], 102 "visible": false 103 },
TestRail: Results
Attachments
Issue Links
- blocks
-
UIAC-31 UIAC (ui-acquisition-units) Bugfix release
-
- Closed
-
- defines
-
UXPROD-3060 Thunderjet - R3 2021 Tech Debt, NFR
-
- Closed
-
- relates to
-
FOLIO-3198 UI apps should avoid using ".all" permissions
-
- In progress
-