UDF uses "Content/Create" policy restrictions in Online Editor. This makes it impossible for editors to link the content which they have read (but not edit) access to.
Steps to reproduce:
- Install clean eZ Platform 3.1.0.
- Remove default "Content/all functions" security policy for Editor role.
- Add Content/Read (no limitations) policy to the Editor role.
- Add Content/Create (Content Type: Article) policy to the Editor role.
- Create a test Editor user.
- As an Administrator user create "Test Folder" [Folder] and "Test Article" [Article] content.
- Logout from admin UI.
- Login as test Editor user.
- Create new "Test Article 2" [Article] content.
- Try to link "Test Folder" content in the "Intro" field of the new article.
The editor should be able to link the content (using UDF) which he/she has read access to.
The editor is able to link only the content types which he/she is allowed to create. So the editor could link an Articles, but not the Folders.
PR is on its way.