Closed (fixed)
Project:
Coherent Access
Version:
5.x-1.0
Component:
Code
Priority:
Normal
Category:
Feature request
Assigned:
Unassigned
Reporter:
Created:
4 Jul 2008 at 20:09 UTC
Updated:
28 Aug 2008 at 21:42 UTC
i thought the description of coherent access sounded sensible, so i tried it out. but here's a weirdness (from a certain perspective, anyway). let's say X creates a private node. then, he gives editing rights to Y. well, in the default edit interface, Y can go straight in and use the same coherent access input area to offer access to Z, even though X didn't intend to give access to Z. (imagine: X trusts Y but not Z, but Y trusts Z. so, only Z is malicious--but as author of the node, shouldn't X be given say in the matter?)
is this really how it should be?
Comments
Comment #1
jgraham commentedI understand your scenario and certainly that could be an issue.
I will see if I can figure out a clean way to let it either be set sitewide or at the node level whether or not "editing users" can grant other users editing privileges.
Comment #2
jgraham commentedimplemented on the 5.x branch. thanks for the idea
Comment #3
Anonymous (not verified) commentedAutomatically closed -- issue fixed for two weeks with no activity.