- [x] Read the following guideline: https://docs.squidex.io/01-getting-started/installation/troubleshooting-and-support. I understand that my support request might get deleted if I do not follow the guideline.
I’m submitting a…
- [ ] Regression (a behavior that stopped working in a new release)
- [ ] Bug report
- [ ] Performance issue
- [x] Documentation issue or request
When a user with either of the following permission sets clicks on the Comments icon they are shown the Squidex ‘Forbidden’ page.
squidex.apps.ourappname.comments.read squidex.apps.ourappname.comments.create squidex.apps.ourappname.comments.update squidex.apps.ourappname.comments.delete
User with at least read permission for commetns is shown a blank comments section when there are no comments to display, or is shown the comments if there are some.
Minimal reproduction of the problem
As an administrator give a user permissions to access an App and a Schema with Contents in it, and then also give them the comments Permission.
Note: User is not a Contributor within the App, i.e. not assigned to a Role.
App Name: (Is this important when it is self-hosted?)
- [x] Self hosted with docker
- [ ] Self hosted with IIS
- [ ] Self hosted with other version
- [ ] Cloud version
- [x] Chrome (desktop)
- [ ] Chrome (Android)
- [ ] Chrome (iOS)
- [ ] Firefox
- [ ] Safari (desktop)
- [ ] Safari (iOS)
- [ ] IE
- [ ] Edge
I would have said this is a regression but I have no idea if this was working OK with site level permissions when on v6.x as at that point we were more reliant on App Roles, so it could well be that we are not specifying it correctly or that we are missing some other vital permission.
However what we have does seem to match what the code is looking for:
Our full permissions being set at the moment are:
squidex.apps.ourappname.assets squidex.apps.ourappname.comments squidex.apps.ourappname.contents.*.read squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.create squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.update squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.update.own squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.changestatus squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.changestatus.own squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.changestatus.cancel squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.changestatus.cancel.own squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.version.* squidex.apps.ourappname.history squidex.apps.ourappname.languages.read squidex.apps.ourappname.schemas.read squidex.apps.ourappname.usage
Any guidance would be greatly appreciated!