You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Before inviting new user or changing roles of a user, you want to be very sure to not accidentally grant to wide permissions. To double-check the planned roles to give, an "impersonation" feature would be great that allows to temporarily play "what if" by giving one's own user different roles to see the effect of the role change.
The text was updated successfully, but these errors were encountered:
When implementing #1031 I noticed that as they are, the permissions are already "too wide": giving a user READERS rights to an organization allows the user to see all products under the org., and all repositories in all these products. Same goes for WRITERS and ADMINS rights: all access rights cascade down the entity tree, see my issue #1056, item 3.
Before inviting new user or changing roles of a user, you want to be very sure to not accidentally grant to wide permissions. To double-check the planned roles to give, an "impersonation" feature would be great that allows to temporarily play "what if" by giving one's own user different roles to see the effect of the role change.
The text was updated successfully, but these errors were encountered: