You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are using CKAN 2.2 with code from the ckanext-hierachy to provide a UI for handling organization hierarchy.
It seems that a regular user (without sysadmin rights) is able to select any organization as the parent organization. Consider userAlice who has created organization cutePets, and then userEve who has created organization bunnySlaughterhouse. Now userEve can move her organization to be a suborganization of cutePets, and to the rest of the users, this looks like a valid, "official" suborganization.
I am not sure whether this is by design or a bug, but we have a case where we cannot completely trust every CKAN user, and thus it would probably be better if users can only select those organizations in which they are already admins.
The text was updated successfully, but these errors were encountered:
It's working as it was designed. The parent org's admin will automatically get admin power for the sub-organization. But all the same you're right about conferring officialness.
I suggest that we require the user to be admin for the parent.
This issue is being closed as it is nearly more than 18 months old. If you are still experiencing this problem and wish to help investigate further, or submit a PR, please feel free to re-open it.
We are using CKAN 2.2 with code from the ckanext-hierachy to provide a UI for handling organization hierarchy.
It seems that a regular user (without sysadmin rights) is able to select any organization as the parent organization. Consider userAlice who has created organization cutePets, and then userEve who has created organization bunnySlaughterhouse. Now userEve can move her organization to be a suborganization of cutePets, and to the rest of the users, this looks like a valid, "official" suborganization.
I am not sure whether this is by design or a bug, but we have a case where we cannot completely trust every CKAN user, and thus it would probably be better if users can only select those organizations in which they are already admins.
The text was updated successfully, but these errors were encountered: