Question on permission settings

Hi,

There’s a question on permission settings among different usergroups. Hope someone can help on this.

For example, User A is in usergroup B and usergroup C. For usergroup B the VIEW permission is denied. For usergroup C the VIEW permission is allowed. The question is whether user A has the permission to view the page or not?

Thanks in advance.

Assuming that the allow and deny are set at the same level (i.e. same page) then it looks like a tie, and http://extensions.xwiki.org/xwiki/bin/view/Extension/Security+Module#HDefaultrightsbeingpredefined indicates that the tie resolution for view right is deny. So I think the user A doesn’t have the permission to view the page. But I’m not an expert. Just pointing out what the documentation says.

Hope this helps,
Marius

Hi @mflorea,

I also have the same question on the permission. I tried the above scenario and user A has no permission on the page.

Is there any way to grant user A the view permission whilst A is in both usergroup B & C?

Regards,
Billtec

Yes, if the allow view for C group is done at a lower level than the deny view for group B (e.g. deny view for B at parent page level and allow view for C at page level). Otherwise, if allow view for C is at the same level with deny view for B then I don’t think it’s possible, unless you give group C administration rights maybe.

Thanks @mflorea.