[Security] Role without edit model access allows to edit model [Solved]

gabriel · June 2, 2024, 7:15pm

Hello everyone! I’m running a fresh install of Cockpit 2.8.5. After creating a user with a role that does not have access to edit models, I can still edit the model with that user. Are there any additional steps required to restrict the user from editing a collection other than unchecking “edit model” for the collection under the user’s role?

Edit: Just to be clear, I’m referring to edit the model itself, not the items.

gabriel · June 3, 2024, 1:15am

Nevermind, I just figure out that the “Manage Model” toggle takes precedence over the individual “Edit Model”

joe09 · June 26, 2024, 4:47am

How you solved it can you please explain it in detail.

Topic		Replies	Views
Access to an entry without login Support	4	804	October 23, 2020
New Addon - Moderation for collections Addons	11	2835	July 10, 2022
Core - Field access/permissions missing Cockpit v2	4	372	January 18, 2023
Query Data and Concept Support	4	2248	October 17, 2018
With the update to 2.6.0 my API stopped working? Support	2	246	June 24, 2023

[Security] Role without edit model access allows to edit model [Solved]

Related Topics