assigning users to a customized group will not propagate the roles defined for that group.
- remove the read - Section(standard) policy from the anonymous role
- copy the user_group class to a custom class named "custom_group"
- open users/members in admin
- Create a new "custom_group" under the member's group (named "cutoff group")
- create a new user under "cutoff group"
- create some test article named "readme"
- create a new role "just read", add policy content read "No limitations"
- assign "just read" to "cutoff group"
in frontend SA with legacy_mode to false:
- log in to front of site using the created user
- ignore the error, open direct url http://site.com/readme
403 error is shown
the user does not have the permissions from group, should have the "just read" role
- in admin, add the "just read" role to the user itself
- reload frontend, now user has access