We're updating the issue view to help you get more done. 

Hide all buttons if actions are restricted by Objects ACLs

Description

We should hide all buttons, if a usergroup has not sufficient rights (defined by new Object ACLs) to execute the actions.

Activity

Show:
Michael Batz
yesterday
Edited

test case 1:

  • group "Read Only" has system rights object.view

  • ACLs activated for one type ("ddd")

  • group "Read Only" not defined in ACLs for type "ddd"

problems in test case 1:

  • tables on dashboard: view / copy / preview buttons were shown

 

test case 2:

  • group "Read Only" has system rights object.view

  • ACLs activated for one type ("ddd")

  • ACL for group "Read Only" in type "ddd": READ

works perfect

 

test case 3:

  • group "Read Only" has system rights object.view

  • ACLs activated for one type ("ddd")

  • ACL for group "Read Only" in type "ddd": CREATE READ

problems in test case 3:

  • object tables: add button is missing

  • object tables: copy button displayed but does not work (other issue?)

 

test case 4:

  • group "Read Only" has system rights object.view

  • ACLs activated for one type ("ddd")

  • ACL for group "Read Only" in type "ddd": CREATE READ UPDATE

problems in test case 4:

  • object tables: add button is missing

  • object tables: copy button displayed but does not work (other issue?)

  • object tables: edit action button is missing

  • object tables: bulk change button is missing

  • object view page: edit action button is missing

 

test case 5:

  • group "Read Only" has system rights object.view

  • ACLs activated for one type ("ddd")

  • ACL for group "Read Only" in type "ddd": CREATE READ UPDATE DELETE

problems in test case 5:

  • object tables: add button is missing

  • object tables: copy button displayed but does not work (other issue?)

  • object tables: edit action button is missing

  • object tables: bulk change button is missing

  • object tables: bulk delete button is missing

  • object tables: delete action button is missing

  • object view page: edit action button is missing

  • object view page: delete action button is missing

Dorus Blanken
yesterday
Edited

Does the Read Only group have System rights? If the System rights aren’t give the ACL is ignored and the buttons are not shown.

Michael Batz
yesterday

I’ll need to recheck that behavior

Michael Batz
23 hours ago

Tested again. Looks good to me, only the table view on dashboard needs to be updated.

Did the following tests:

test case 1:

  • group "Read Only" has system rights object.*

  • ACLs activated for one type ("ddd")

  • group "Read Only" not defined in ACLs for type "ddd"

problems in test case 1:

  • tables on dashboard: view / copy / preview / edit / delete buttons were shown

test case 2:

  • group "Read Only" has system rights object.*

  • ACLs activated for one type ("ddd")

  • ACL for group "Read Only" in type "ddd": READ

=> works perfect

test case 3:

  • group "Read Only" has system rights object.*

  • ACLs activated for one type ("ddd")

  • ACL for group "Read Only" in type "ddd": CREATE READ

=> works perfect

test case 4:

  • group "Read Only" has system rights object.*

  • ACLs activated for one type ("ddd")

  • ACL for group "Read Only" in type "ddd": CREATE READ UPDATE

=> works perfect

test case 5:

  • group "Read Only" has system rights object.*

  • ACLs activated for one type ("ddd")

  • ACL for group "Read Only" in type "ddd": CREATE READ UPDATE DELETE

=> works perfect

Michael Batz
6 minutes ago

Tested successfully, can be reviewed

Assignee

Unassigned

Reporter

Michael Batz

Labels

None

Story Points

3

Tester

None

Sprint

Fix versions

Priority

Medium
Configure