Description
we may consider failing any AC modification if the principal associated with
a given ACE is either the system principal, an admin principal or one of the principals listed as admin in the permission configuration.
while having ACEs for those prinicpals don't have an effect it might be confusing that they can be created in the first place and may create a wrong sense of security.
Attachments
Issue Links
- is a clone of
-
OAK-952 AccessControlValidator: fail for ACEs created for any of the admin principals
- Resolved