Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Blocker
-
Resolution: Fixed
-
Affects Version/s: 1.3.7, 1.4-milestone-4
-
Component/s: patient-access-rules, security
-
Labels:None
-
Sprint:
Description
Passing a group to PatientAccessHelper.isAdministrator (1.3) or EntityAccessManager.isAdministrator (1.4) results in a call to AuthorizationManager.hasAccess with a group reference. This may trigger XWIKI-12862 and cause loss of permissions for users belonging to that group if the group is not already in the cache.
Attachments
Issue links
- causes
-
PT-3739 Grids: Subgroup members should be able to see all cases their main group is assigned as collaborator
-
- Reopened
-