Details
- Bug
- Resolution: Duplicate
- High
- 1.6.0
- None
Description
In the eZ Platform Admin interface, the CREATE button in the right sidebar doesn't take the user's permissions into account: it shows all the existing content types and allows the user to start creating new content objects of classes he should not be able to create.
Steps to reproduce
- Create a new Test role with the following policies:

  | Module | Function | Limitation |
  | --- | --- | --- |
  | user | login | No limitations |
  | content | read | No limitations |
  | content | create | Class( 16 ), Subtree( /1/2/112/ ) |

- Create a new Test user group and assign the Test role to it.
- Create a new usr_test user in the Test user group.
- Log in with usr_test
- Open anywhere outside the /1/2/112/ subtree and click on the CREATE button
- From here, if you try to save, publish or preview the draft you will run into the EZP-26543 issue.
First, since you don't have permissions to create anything in your location, the CREATE button should be disabled just like the Move button.
Second, clicking the CREATE button shouldn't let you choose classes you don't have access to.
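
The expected behaviour above, sketched as an added example (not eZ Platform or admin UI code; every function and variable name is hypothetical and the content type list is constructed). It assumes that all limitations within one policy must match, that policies are OR-ed, and that the Subtree limitation is checked against the location being created under.

```javascript
// Added example, not eZ Platform code: all names here are hypothetical.
// Policies mirror the Test role from the steps to reproduce.
const testRolePolicies = [
  { module: "user", func: "login", limitations: {} },
  { module: "content", func: "read", limitations: {} },
  { module: "content", func: "create",
    limitations: { Class: [16], Subtree: ["/1/2/112/"] } },
];

// Constructed sample content types (identifiers and ids other than 16 are made up).
const sampleContentTypes = [
  { id: 1, identifier: "type_one" },
  { id: 16, identifier: "type_sixteen" },
  { id: 42, identifier: "type_forty_two" },
];

// True when pathString lies inside (or is) one of the subtrees.
// Comparing with the trailing slash keeps /1/2/1125/ out of /1/2/112/.
function inSubtree(pathString, subtrees) {
  const path = pathString.endsWith("/") ? pathString : pathString + "/";
  return subtrees.some((s) => path.startsWith(s.endsWith("/") ? s : s + "/"));
}

// A policy grants creation only if every limitation it carries matches;
// an absent limitation places no restriction on that dimension.
function policyAllowsCreate(policy, parentPath, contentTypeId) {
  if (policy.module !== "content" || policy.func !== "create") return false;
  const { Class, Subtree } = policy.limitations;
  if (Class && !Class.includes(contentTypeId)) return false;
  if (Subtree && !inSubtree(parentPath, Subtree)) return false;
  return true;
}

// Content types the user may create under parentPath; policies are OR-ed.
function creatableContentTypes(policies, parentPath, contentTypes) {
  return contentTypes.filter((ct) =>
    policies.some((p) => policyAllowsCreate(p, parentPath, ct.id)));
}

// The CREATE button state follows from the filtered list.
function createButtonState(policies, parentPath, contentTypes) {
  const allowed = creatableContentTypes(policies, parentPath, contentTypes);
  return { disabled: allowed.length === 0,
           identifiers: allowed.map((ct) => ct.identifier) };
}
```

A filter like this only controls what the interface offers; the create and publish requests still need the same check on the server.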