I’ve installed the blog demo from srbac.
After that I changed from sqlite to mysql.
This worked fine.
But why is it possible to create a Post with the default demo user?
Demo is only assigned to the role AlwaysAllow. In this role are the following Operations allowed:
There is no PostCreate?
Why is it possible to create a Post?
This is from memory, and I’ve not used the srbac blog demo so may not be 100%…:
I think that until those two things are done the default behaviour of srbac is to give everyone access. The answers are in the documentation here - but it takes a bit of digging to find them.
Hope that helps,
Yeah! Thats it
I didn’t know that the debug-mode disable the function of srbac.
Thank you so much!!!!