[Security] Role without edit model access allows to edit model [Solved]

gabriel · June 2, 2024, 7:15pm

Hello everyone! I’m running a fresh install of Cockpit 2.8.5. After creating a user with a role that does not have access to edit models, I can still edit the model with that user. Are there any additional steps required to restrict the user from editing a collection other than unchecking “edit model” for the collection under the user’s role?

Edit: Just to be clear, I’m referring to edit the model itself, not the items.

gabriel · June 3, 2024, 1:15am

Nevermind, I just figure out that the “Manage Model” toggle takes precedence over the individual “Edit Model”

joe09 · June 26, 2024, 4:47am

How you solved it can you please explain it in detail.

Topic		Replies	Views
Prohibit user/role to access other people's records in a collection? Support	0	259	October 24, 2022
Access to an entry without login Support	4	805	October 23, 2020
User Permission on foreign entries Support	2	620	April 30, 2021
Permission Documentation Support	3	4061	August 15, 2018
New Addon - Moderation for collections Addons	11	2846	July 10, 2022

[Security] Role without edit model access allows to edit model [Solved]

Related Topics