Description
Steps:
1. Create new role with policies:
- User/Login
- Content/Remove with limitation 'Owner/Self'
- Content/Create
- Content/Publish
- Content/Read
- Content/Versionread
2. Create a user and assign it to the role
3. Log in as a new user
4. Create an Article (name: article1)
5. Log out and log in as admin
6. Go to article1 and create its child (name: article2)
7. Log out and log in as a user from step 2
8. Go to the article1 and click Send to Trash
Actual result:
article1 is removed and its child - article2 is removed as well.
Expected result:
It should be forbidden, because user didn't have permissions to remove CI with different owner