Bug #35422

TYPO3 Security Framework should not take unexisting roles into account

Added by Rens Admiraal about 10 years ago. Updated about 10 years ago.

Status:
Resolved
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2012-03-31
Due date:
% Done:

100%

Estimated time:

Description

Now the Security Framework uses all roles available in the tokens. When a role is not configured in the Policy.yaml this should not have effect.

For example if you now create a new Phoenix user with the role 'User' the backend gives an 'Access denied!' because the security framework does not know the role User.

Expected behavior: just ignore the users role?

#1

Updated by Gerrit Code Review about 10 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/10104

#2

Updated by Gerrit Code Review about 10 years ago

Patch set 2 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/10104

#3

Updated by Gerrit Code Review about 10 years ago

Patch set 3 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/10104

#4

Updated by Gerrit Code Review about 10 years ago

Patch set 4 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/10104

#5

Updated by Gerrit Code Review about 10 years ago

Patch set 5 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/10104

#6

Updated by Rens Admiraal about 10 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100

Applied in changeset commit:a513961f1b2b0a771c900e626ccc93d0d0c1e171.

Also available in: Atom PDF