Permissions Fail: Read-only User Can Add/Edit Mockups!
We bought Mockups a while back and we QA all Confluence plugins in a preproduction area before we let them loose in production.
For your Confluence Mockup plugin, I did a quick permission test and it failed. A READ only user is able to edit and add a mockup.
Steps to reproduce:
1. Log on to Confluence with a READ only access account
2. Then hit this page: http://wiki.yourdomain.com/confluence...[MOCKUPTITLE]&page=[PAGEID]
3. It will lead to the edit mockup page; make some changes and save
A user can view the source of the wiki page the mockup is displayed on to find out the mockup name and page ID and form the above URL. Or if you watch the page with HTML, the email will include the edit mockup link even for the READ only user. So it is much easier.
To add a mockup to any page, just access the following URL with a page ID.
http://wiki.yourdomain.com/confluence...[PAGEID]
The company marked this problem solved.
Hi Will, I fixed this and released it with yesterday's update: http://www.balsamiq.com/blog/2009/09/...
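The report in this thread describes edit and add URLs that work for any logged-in account, so the page-level permission is never consulted. The following is an added example, not code from the plugin or from anyone in this thread: a constructed in-memory model (every name in it is hypothetical) that puts the unchecked handler beside one that enforces the permission on every request, with the kind of permission matrix a preproduction QA pass could run.

```python
# Constructed model: none of these names come from Confluence or the Mockups plugin.
from dataclasses import dataclass, field

VIEW, EDIT = "view", "edit"

@dataclass
class Page:
    page_id: int
    grants: dict                                  # username -> set of permissions
    mockups: dict = field(default_factory=dict)   # mockup title -> content

    def allows(self, user, perm):
        return perm in self.grants.get(user, set())

class Forbidden(Exception):
    pass

# Permission each action needs. Actions not listed here are denied outright.
REQUIRED = {"view_mockup": VIEW, "edit_mockup": EDIT, "add_mockup": EDIT}

def handle_unchecked(page, user, action, title, content=None):
    """Behaviour in the report: the handler never looks at the caller's permissions."""
    if action in ("edit_mockup", "add_mockup"):
        page.mockups[title] = content
    return page.mockups.get(title)

def handle_checked(page, user, action, title, content=None):
    """Same handler, with the permission checked server-side before any work is done."""
    needed = REQUIRED.get(action)
    if needed is None or not page.allows(user, needed):
        raise Forbidden(f"{user} may not {action} on page {page.page_id}")
    return handle_unchecked(page, user, action, title, content)

def permission_matrix(handler):
    """Try every action as every user on a fresh page; True means it went through."""
    results = {}
    for user in ("reader", "editor"):
        for action in REQUIRED:
            page = Page(42, {"reader": {VIEW}, "editor": {VIEW, EDIT}}, {"home": "v1"})
            try:
                handler(page, user, action, "home", "changed")
                results[(user, action)] = True
            except Forbidden:
                results[(user, action)] = False
    return results

if __name__ == "__main__":
    for name, handler in (("unchecked", handle_unchecked), ("checked", handle_checked)):
        print(name, permission_matrix(handler))
```

Hiding the edit link from read-only users changes none of these results; only the check inside the handler does.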



