Cleanup PageManager to enforce Page/Folder security symmetrically -----------------------------------------------------------------
Key: JS2-235 URL: http://issues.apache.org/jira/browse/JS2-235 Project: Jetspeed 2 Type: Task Versions: 2.0-M3 Reporter: Randy Watler Assigned to: Randy Watler Priority: Minor Fix For: 2.0-M3 PageManager and related implementations do not enforce Page/Folder security constraints/permissions consistantly across all APIs. PageManager.getFolder() and PageManager.newPage() probably need to restrict VIEW and EDIT access assuming an end user is attempting to perform these operations as part of a site management/customization process. Will need to review site admin portlets to ensure that tightened APIs do not hinder operation. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]