#163 ✓resolved
Kieran P

Allow editors to keep/delete existing, but not add/change, insecure elements in descriptions

Reported by Kieran P | February 11th, 2009 @ 03:58 PM | in 1.2

When someone edits an item, if they're not a site admin, then any insecure elements a site admin added is erased, which can be annoying. Same result if an site admins edits the content they made but forgets to tick "allow insecure content". So instead:

  • A site admin can create/edit an item with insecure elements
  • A non site admin edits it and can
    • Change secure content and save successfully
    • Move insecure content around and save successfully
    • Not change insecure content or it will fail validation
    • Not add insecure content or it will fail validation
    • Remove insecure content and save successfully
  • The "allow insecure content" option then effectively becomes "allow new insecure content"

These changes will make editing more flexible but keep things safe.

Work will be done using a method call from the controller, and Nokogiri to pass the description of existing item against the description submitted in the form.

Comments and changes to this ticket

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Kete was developed by Horowhenua Library Trust and Katipo Communications Ltd. to build a digital library of Horowhenua material.

People watching this ticket

Pages