
"Shared Submissions" feature on MyDSpace is sharing too many submissions #5384

@tdonohue

Describe the bug

This issue was found during testing of #5145, the PR which adds this new "Shared Submissions" option to Collections and MyDSpace.

When visiting the "Shared Submissions" option in a user's MyDSpace page, submissions which are not shared also appear in the list.

To Reproduce

Steps to reproduce the behavior:

  1. Log in as an Admin
  2. Create a single Collection with the "Shared Workspace" option enabled.
  3. Add one other user as a Submitter to that Collection (you'll use this user later)
  4. Start one submission into that Collection. Save it for later.
  5. Log out and log in as the Submitter you created in step 3
  6. Go to that user's MyDSpace page and select "Shared Submissions" from the dropdown.
  7. You should only see one shared submission (the one started in step 4). However, you will see many more than expected. (It almost appears like every in-progress submission from the Admin user has been shared)
  8. Even worse, it appears that it's possible to edit any of the "Shared Submissions". So, you've been given access to edit Submissions that you should not be allowed to access.

Expected behavior

Obviously, you should only be able to see/edit shared submissions which belong to a "Shared Workspace" collection.

Related work

This "Shared Submissions" feature was introduced in #5145.

Metadata

Labels

  - DSpace-CRIS merger: This ticket/PR relates to the merger of DSpace-CRIS into DSpace.
  - affects: main: Issue impacts "main" (latest release).
  - authorization: related to authorization, permissions or groups
  - blocker: This ticket or PR will block whatever release milestone is associated with it.
  - bug
  - security: Security related fix

Projects

Status

📋 To Do
