I have…
- [x] Read the following guideline: https://docs.squidex.io/01-getting-started/installation/troubleshooting-and-support. I understand that my support request might get deleted if I do not follow the guideline.
I’m submitting a…
- [ ] Regression (a behavior that stopped working in a new release)
- [ ] Bug report
- [ ] Performance issue
- [x] Documentation issue or request
Current behavior
When a user with either of the following permission sets clicks on the Comments icon, they are shown the Squidex ‘Forbidden’ page.
squidex.apps.ourappname.comments
or
squidex.apps.ourappname.comments.read
squidex.apps.ourappname.comments.create
squidex.apps.ourappname.comments.update
squidex.apps.ourappname.comments.delete
Expected behavior
A user with at least read permission for comments is shown a blank comments section when there are no comments to display, or is shown the comments if there are some.
Minimal reproduction of the problem
As an administrator, give a user permissions to access an App and a Schema with Contents in it, and then also give them the comments Permission.
Note: User is not a Contributor within the App, i.e. not assigned to a Role.
Environment
App Name: (Is this important when it is self-hosted?)
- [x] Self hosted with docker
- [ ] Self hosted with IIS
- [ ] Self hosted with other version
- [ ] Cloud version
Version: 7.4.0
Browser:
- [x] Chrome (desktop)
- [ ] Chrome (Android)
- [ ] Chrome (iOS)
- [ ] Firefox
- [ ] Safari (desktop)
- [ ] Safari (iOS)
- [ ] IE
- [ ] Edge
Others:
I would have said this is a regression but I have no idea if this was working OK with site level permissions when on v6.x as at that point we were more reliant on App Roles, so it could well be that we are not specifying it correctly or that we are missing some other vital permission.
However, what we have does seem to match what the code is looking for:
Our full permissions being set at the moment are:
squidex.apps.ourappname.assets
squidex.apps.ourappname.comments
squidex.apps.ourappname.contents.*.read
squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.create
squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.update
squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.update.own
squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.changestatus
squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.changestatus.own
squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.changestatus.cancel
squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.changestatus.cancel.own
squidex.apps.ourappname.contents.schema-a|schema-b|schema-c.version.*
squidex.apps.ourappname.history
squidex.apps.ourappname.languages.read
squidex.apps.ourappname.schemas.read
squidex.apps.ourappname.usage
Any guidance would be greatly appreciated!