I can see that getRecord call has CREATEORREAD action. Is it possible to make it read only? I need it to properly limit client permissions.
Thank you in advance!
Do you mean to avoid creating it if user does not have permissions? If the user does not have permissions for UPDATE or PATCH this will stop him from being able to update anything, but we don't yet have an individual READ action to avoid the record from being created initially. We'll raise that as an issue and try implement it soon.
Edit:
Issue created on github
Related
I got an error on my Odoo like on the picture, I've checked the user already has access to the user group. It's very thankful if you can help me.
I need more information but whenever you parform the action you are doing a security record rule is trggered, you can try the hard mode, go to security record rules and disable one rule and try and re enable after.
I add this setting (see on the picture) on the user's group I want to give access and it's solved. Apparently it's because the user does not have access to Object ir.filters which most of my modules use this.
Can anyone link me to a good Selenium-Grid-Extras guide? I have it installed, and need to customize it. Specifically, I need to update the credentials, and reboot settings. When I go to my link: http://XX.XX.XX.XX:3000/user_auto_logon, I can see the settings, but I don't know how to change them. Also, when I open my selenium_grid_extras_config.json I don't see a section that has any of this information to update. Also, even if I did find a section in the selenium_grid_extras_config.json, how would I update the password for the existing username... I'm sure it's not going to be displayed in plain text. Thanks in advance!
From Shawn McCarthy. This solved my problem:
If you want, you can just delete the selenium_grid_extras_config.json file, and rerun the jar file and it will go through the FirstTimeRunConfig again.
You should be able to pass in the username and password to the endpoint as well, http://XX.XX.XX.XX:3000/user_auto_logon?username=YOUR_USER&password=YOUR_PASSWORD
You can check out the /api endpoint to see all the possible endpoints, and the accepted parameters (and which ones are required or not). Usually with no parameters, it does a get current status/value.
Thanks Shawn!
I have the admin and legal role for my app(I am the sole developer). I want to delete it because it got rejected but there is no delete button. Any help?
You should be able to delete it if it falls into one of the listing statuses found in the docs here.
If you're still unable to see these options, there's some other issue and I'd recommend calling or emailing.
I configured that jira-users group members can create issues.
And I want to give edit permission to jira-users but only if the issue hasnot a work log in it
Is this possible in JIRA 4.4.x
Thanks
So you can only edit an issue if work hasn't started on it? Tricky. I think I'd end up editing system-issueoperations-plugin.xml and changing the condition elements to add a new condition. The new condition would be a custom condition that checked whether the issue has at least one work log.
You can change issue permissions so that only assignee can edit this issue. So when developer starts work on the issue he assigns himself to this issue and only he can edit it.
Documentation is here - http://confluence.atlassian.com/display/JIRA044/Managing+Project+Permissions
I have pdf files in a htaccess-protected directory that I want to show to some users in Yii application.
How is best to solve that? I understand it should be done inside Yii, not with a separate script as it needs to check if a valid user is logged in.
Access control filters
You would do your appropriate security checking (user is in group, or has permission or whatever) and then you would use readfile or something similar.
Do you have code already that isn't working? Or did you just need help with what approach to take?
Thanks!
I got some idea from this link:
http://harrybailey.com/2011/07/yii-rewrite-files-or-images-for-download-or-display/
In short: made a new actionfunction into controller and in that function sending headers and readfile.