Case mismatch causes permissions to be invalid
Summary
If a role is given entity permissions in the global_entity_permission.xml
and the role is spelled slightly different than in LinkAhead (e.g. "Stock Manager" instead of "Stock manager"), then the permission is shown in the web UI, but it might not be considered by the server. E.g. the role might have the "USE:*" permission, but when a user with the role tries to do an update for which this permission is needed, the update is denied as if the permission does not exist.
Steps to Reproduce the Problem
Please describe, step by step, how others can reproduce the problem. Please try these steps for yourself on a clean system.
- Create a role "Stock Manager" that has "Transaction:*"
- Add the snippet below to
global_entity_permission.xml
- Add "EDIT:ACL" to an entity via WebUI in LinkAhead (assuming, that OWNER has all permissions)
- Try to do an update that references some other entity
<Grant priority="false" role="Stock manager"><Permission name="RETRIEVE:*"/></Grant>
<Grant priority="false" role="Stock manager"><Permission name="USE:*"/></Grant>
Specifications
- Server ccde825e