-
Bug
-
Resolution: Fixed
-
High
-
10.78
-
1
-
Severity 3 - Minor
-
Rockets - Usher 4
Issue Summary
Escalations: User with access to the page can see. update and delete Escalations across the entire application
Steps to Reproduce
- Login
- Create Escalation and assign it to any Program and PI.
- Create a Role with access to the Escalations page(Portfolio>Escalations toggle).
- Assign any User to this Role. The User should not belong to the hierarchy Program from Step 2 is assigned to.
- Impersonate as that user.
- Go to the Escalations grid.
- check what user can do with the Escalation from Step 2.
Expected Results
The user shouldn't see it. And he shouldn't have the ability to edit and delete it. Escalations should respect team assignments.
Actual Results
The user is able to see, update, delete the escalation.
Workaround
Currently there is no known workaround for this behavior. A workaround will be added here when available
- mentioned in
-
Page Loading...
- resolves
-
ALIGNSP-6160 Loading...