SYMPTOMS
You have created a role that does not allow specific actions for the user that gets this role assigned. Upon usage, the user seems to be able to execute actions that are not part of the role assigned.
CAUSE
This is likely caused by having another role assigned to the user and this role does allow the actions that you have disallowed in the newly created role.
RESOLUTION
As an example:
- User A creates a role that does not have Mark Accepted Recipient As Custodian
- User A assigns this role and another role that does grant the above privilige to User B
- User B creates a hold
- Ensure the hold notice with acceptance link is sent
- Ensure the subject clicks on the acceptance link
- User B accesses the hold
- User B observes that he is able to mark the subject as custodian
- User A removes the role that allows Mark Accepted Recipient As Custodian but ensures that the role that does not have Mark Accepted Recipient As Custodian is assigned to User B
- User B logs out and logs in again
- User B accesses the hold
- User B observes that he is not able to mark the subject as custodian.
APPLIES TO
3.5
Comments
0 comments
Article is closed for comments.