Jump to content

ACP Restrictions bug; "Grant access to <app>" not honored.


Recommended Posts

Might just be a specific case scenario.

Create a couple of admin groups and restrict one to only have dashboard access and another to just have access to nexus/support tickets (but not settings or anything else).

Apply both as secondary groups.

In ACP/Commerce/Support area, Performance and Setting are still visible.  Edit the "dashboard only" group to enable commerce and disable all support settings (then disable access to it again) and save, issue is fixed.

 

 

Link to comment
Share on other sites

6 minutes ago, Wolfie said:

In ACP/Commerce/Support area, Performance and Setting are still visible.  Edit the "dashboard only" group to enable commerce and disable all support settings (then disable access to it again) and save, issue is fixed.

To confirm, you're just toggling that on/off? You're not actually saving with that permission?

Link to comment
Share on other sites

Full process, I just mentioned the necessary steps, but saving each time.  Unless you mean to enable app, disable access, disable app, then save.  In that case I forget, but I can go double check.  Either way, the specific setting have to be restricted otherwise it doesn't restrict despite the entire app access being restricted.

Link to comment
Share on other sites

3 minutes ago, Wolfie said:

Either way, the specific setting have to be restricted otherwise it doesn't restrict despite the entire app access being restricted.

Think this is the key piece here. Thank you. I will test and get back to you here shortly 🙂 .

Link to comment
Share on other sites

Looks like once it's fixed, it's fixed.  I tried to duplicate it with the same existing group and not happening again.

I do know that when I was noticing the issue, I was double checking that each group had very specific access and neither should have been granting access to see performance or settings, but they were indeed appearing.  Only fixed after I edited the "dashboard only" one to disable the functions separately.

Link to comment
Share on other sites

Unfortunately, I cannot reproduce this. What I did was:

  • Dashboard group.
    • Uncheck all tabs and permissions but System, Overview, and "Can view Dashboard"
  • Support group.
    • Uncheck all tabs and permissions but Commerce, Support, and everything under "Support Requests"

Providing those to a user and logging in as that user, I see what I expect:

Could contain: File, Page, Text, Webpage

 

Could contain: File, Webpage, Logo

 

Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...