[opencms-dev] Question Permission assignment
t.schmidt at md-network.de
Mon Aug 22 15:49:59 CEST 2016
i have a relative simple OpenCMS (10.0.1) setup with a singe Website and just a few users (some Admins=all permissions, some users = just editing (a few) pages), which are grouped in „Users“ and „Administrators“. I have only the root ("/„) OU.
Now I have a few special pages (which are in folders) which I want to protect against changes by the „Users“ (but „Users“ should be able to read).
Therefore I used the explorer and and changed permissions of a folder which should have this kind of protection.
I removed for „All others“ all rights (should not be visible for all others) means i set it to „-r-w-v-c-d“, to the „Users“ group I gave "+r-w+v-c-d“, means read and view is enabled all other (especially write) is denied and for „Administrators“ i gave all rights. For all settings i set „Overwrite Inherited“ and „Inherit on subfolders“ so all pages in the folder should be protected.
BUT: a normal user is still able to edit the page (I have still the Edit Points, i can still save the page) - even if i apparently prevented the „Users“ groups to be able to write. However i denied direct publishing which works.
I tried that as well for single user (prevented write and publishing) - here as well - it is still possible to save - but not to publish - even if write is forbidden.
I tried this as well with 9.5.2 - and same behavior.
Only rights which are apparently working are „direct publishing“ and „read“ - if i prevent those the user/group cant open the page or cant publish it. Write always works as long read is enabled.
So if i want to protect some files/pages/folders from being written by a special user or group - how to do that ? is this behavior expected ? do i do something wrong (most likely ?!) ?
More information about the opencms-dev