Comment 1 for bug 1951648
Revision history for this message
| Michele Morgan (mmorgan) wrote Re: Shelving Location Editor allows staff to see and edit other library's shelving locations | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
9199653
demo site
(Get the code!)
I have not been able to reproduce this on 3.7 or 3.8.
I do see that when an action is attempted that is not permitted by the user, the toast reports Update Succeeded, but no change has actually been made.
I tested on the 3.8 community demo server as follows:
Logged in as admin, and, in the User Permission Editor added the following permissions at the System level to user br1bbrown:
- CREATE_
- UPDATE_
- DELETE_
Logged in as br1bbrown, I attempted the following:
Add a shelving location owned by CONS
Edit a shelving location owned by CONS
Edit a shelving location owned by SYS2
For all of these actions "Update Succeeded" was reported, but no updates were actually made.
I was able to successfully add and edit shelving locations owned by BR1 and SYS1 as I would expect.
Could the issue be that "Update Succeeded" is being reported when it actually failed? This in itself is a fairly serious bug IMO, and happens in other interfaces, too. But I am not seeing an issue with the permissions not working as they should.