Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not use allow all default in production #10

Open
tolawho opened this issue Sep 14, 2018 · 1 comment
Open

Do not use allow all default in production #10

tolawho opened this issue Sep 14, 2018 · 1 comment
Labels
enhancement New feature or request

Comments

@tolawho
Copy link
Contributor

tolawho commented Sep 14, 2018

When I set full permission for my admin account. The other people can't see the resource they dont have permission. But when I remove one permission from admin, other people can see permission admin dont have even they dont have. I example my case:
Admin with full permission
image
The buyer view:
image

When I remove Plan permission from admin
image
The buyer view, now they can manage the plans:
image
image
Actually they don't have the permission for the plan
image
@m2de
Copy link
Contributor

m2de commented Sep 14, 2018
edited
Loading

Hi. Thanks for your detailed issue report. That currently is intentional behaviour to stop you (the admin) from locking yourself out of features. However we are aware that this is undesirable for many in a production environment and are addressing this in the next major release of Brandenburg and this nova package.

@m2de m2de added the enhancement New feature or request label May 28, 2019
@m2de m2de changed the title [Bug] Permission Do not use allow all default in production May 28, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tolawho @m2de