Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LinkField honours Link permission #103

Closed
maxime-rainville opened this issue Oct 17, 2023 · 1 comment
Closed

LinkField honours Link permission #103

maxime-rainville opened this issue Oct 17, 2023 · 1 comment
Assignees
@GuySartorelli

Comments

@maxime-rainville
Copy link

maxime-rainville commented Oct 17, 2023
edited by emteknetnz
Loading

As the owner of a Silverstripe CMS project, I want link data to be access and updated only by authorised content author.

Acceptance criteria

  • LinkField does not display information about link the current content author does not have CanView rights on.
  • LinkField does not let you update Link data if you do not have CanEdit permission on the Link.
  • LinkField does not let you delete Link data if you do not have CanDelete permission on the Link.
  • LinkField does not let you create Link data if you do not have CanCreate permission on the Link.
  • Any relations associated to a Link also honor access control restrictions (e.g: related page or file).
  • Any APIs used to retrieve/update link data honours any relevant access control restriction.
  • Toast errors should still be shown when the user does a request that return an HTTP error.
  • UI buttons to create / edit / delete links should not show if the user fails corresponding permission checks

Excluded

  • Readonly and hidden views when the user doesn't have the right update or view the link. That will come later.

Pull request
@GuySartorelli GuySartorelli mentioned this issue Dec 12, 2023
Merged
@emteknetnz emteknetnz self-assigned this Dec 17, 2023
This was referenced Dec 18, 2023
Closed
Merged
@emteknetnz emteknetnz removed their assignment Dec 19, 2023
@GuySartorelli GuySartorelli mentioned this issue Dec 21, 2023
Open
@GuySartorelli
Copy link
Member

PR merged

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@GuySartorelli GuySartorelli

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@maxime-rainville @emteknetnz @GuySartorelli