IBM Support

PM26755: USERS WITH OUT PROPER PERMISSIONS ARE ABLE TO CREATE DRAFTS THROUGH AUTHORING TOOL COMPONENT

 

APAR status

  • Closed as program error.

Error description

  • Users with out proper permissions are able to create drafts
through authoring tool component.

Information center states that in order to create a draft item,
user must have edit access on the content item, and be an
approver.

for this isue, Users that have been granted editor access on
content at the  library resource level are able to see the
authoring tool link   to create drafts, when they should not see
it.

The result is the user can click the link causing a draft to be
created, then they will an error in the portlet stating that the
user is not authorized to perform this action

Local fix

  • Remove User from having editor access at content resource level.

Problem summary

  • Users with out proper permissions are able to create drafts

through authoring tool component.

Information center states that in order to create a draft item,
user must have edit access on the content item, and be an
approver.

for this isue, Users that have been granted editor access on
content at the  library resource level are able to see the
authoring tool link   to create drafts, when they should not see
it.

The result is the user can click the link causing a draft to be
created, then they will an error in the portlet stating that the
user is not authorized to perform this action

LOCAL FIX:
Remove User from having editor access at content resource level.

Problem conclusion

  • Thee user can now view and use the authoring tools "edit" button
only if they have both approve as well as edit access to the

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    PM26755
    • 

  • Reported component name
    LOTUS WEB CONT
    • 

  • Reported component ID
    5724I2900
    • 

  • Reported release
    615
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2010-11-16
    • 

  • Closed date
    2010-12-20
    • 

  • Last modified date
    2010-12-20
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    LOTUS WEB CONT
    • 

  • Fixed component ID
    5724I2900
    • 



Applicable component levels


    

  • R615  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU051","label":"N\/A"},"Product":{"code":"SUPPORT","label":"IBM Web Content Manager"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.1.5","Line of Business":{"code":"LOB33","label":"N\/A"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            21 December 2021
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback