Harvey Echain created JSPWIKI-1067:
--------------------------------------
Summary: View-only ACLs are not enforced
Key: JSPWIKI-1067
URL: https://issues.apache.org/jira/browse/JSPWIKI-1067
Project: JSPWiki
Issue Type: Bug
Components: Authentication & Authorization
Affects Versions: 2.10.3
Reporter: Harvey Echain
Group AllUsers being User1,User2
for a page that contains
[{ALLOW view AllUsers}]
[{ALLOW edit User1}]
when User2 displays this page for the first time, there is not 'Edit' button
and he cannot edit the page (as intended).
Press reload, and 'Edit' button appears. User2 can now edit the page.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
