-
Type:
Sub-task
-
Resolution: Fixed
-
Priority:
L3 - Default
-
Affects Version/s: None
-
Component/s: backend
-
Not defined
Optimize READ users should not be able to create Optimize entities outside of a collection. We should validate against this happening on request, based on the Optimize Authorizations of the user.
ATs:
- READ users cannot create entities outside of a collection
- Within a collection, READ users will have their collection role respected
- READ users cannot create dashboards/collections via a magic link
- READ users can create EBPs (but not reports from them outside a collection) if they have explicit authorization for event based processes
- READ users can still read (but not edit) previously created entities outside of a collection
This is the controller panel for Smart Panels app
- is related to
-
OPT-6406 READ only user can create collections/dashboard with using magic link
-
- Done
-