- [ ] Checked the logs and have provided the logs if I found something suspicious there
I’m submitting a…
- [ ] Regression (a behavior that stopped working in a new release)
- [X] Bug report
- [ ] Performance issue
- [ ] Documentation issue or request
We created a custom role with access to multiple contents items. Sample of assigned:
When the contributor logged in the first time they could see all of these assigned to them.
We then removed contents.posts and content.specials from the role, but the user could still see all of the original assigned to them. We also logged out and back in.
adding contents.xxxxxx to a user does not allow a user to edit content.
If you removed permissions from a role the permissions should update when the user next log in.
If you added the whole content structure to a role, they should have access to all the options underneath that contents i.e.
contents.brands > should give access to read, update, delete, publish etc
Minimal reproduction of the problem
- Created a new custom role with permissions contents.xxxxxxx, contents.yyyyyyyy
- Created new user and assigned the the role to them
- Logged in to CMS and could see both permissions
- Unable to edit the content
- Removed contents.yyyyyyyy from permission
- Logged user out and back in. User could still see contents.xxxxxxx, contents.yyyyyyyy
- [ ] Self hosted with docker
- [ ] Self hosted with IIS
- [X] Self hosted with other version
- [ ] Cloud version
Version: 4.0.3 running on Centos
- [X] Chrome (desktop)
- [ ] Chrome (Android)
- [ ] Chrome (iOS)
- [ ] Firefox
- [ ] Safari (desktop)
- [X] Safari (iOS)
- [ ] IE
- [ ] Edge