When we set access to some role for an app, we can deny access for superuser which is quite unexpected.
- Leave as it is now, only change task introduced in
Getting issue details...
to add superuser role by default.
hardcoded superuser role - custom superuser roles must be handled manually.
can deny access for superuser.
- Change ConfiguredAccessDefinition to check for "superuser" role, deny renaming of superuser role.
can deny access for migrated superuser role which was renamed.
- Allow defining of superuser role(s) under Configuration:server/security/superuser(s)
configurable superuser role
the task for migrating of old ACL have to run after superuser role configuration
- Create new App Access ACL for configuration of apps permissions similar to Web access ACL.
- define full path to an app
- define only app name
no problem with superuser access
incompatible with 5.0-5.1.1
can we do it for 5.2?