Details
-
Story
-
Resolution: Unresolved
-
High
-
None
-
None
-
None
Description
Steps:
1. Update Editor's role:
- User/Login
- Content/Read
- Content/Create
- Content/Edit
- Content/Reverserelatedlist
- Content/Versionread
- Contetn/Versionremove
- Assignments: no limitation
2. Log in as Editor
3. Go to Content/Content structure
4. Click Create and select Article
5. Fill required fields
6. Save
7. Delete draft
Actual result:
403 error is thrown, because user doesn't have Content/Remove policy.
Repository forms:
// if there is only one version you have to remove whole content instead of a version itself if (1 === count($this->contentService->loadVersions($contentInfo))) { $parentLocation = $this->locationService->loadParentLocationsForDraftContent($versionInfo)[0]; $redirectionLocationId = $parentLocation->id; $this->contentService->deleteContent($contentInfo); } else { $redirectionLocationId = $contentInfo->mainLocationId; $this->contentService->deleteVersion($versionInfo); }
Expected result:
If user doesn't have permission to delete draft, button should not be active.