authMode_enforce¶

Using authMode_enforce='strict'¶

Extensions with select fields using authMode previously had different handling if authMode_enforce => 'strict' has been set: Let us say an editor accesses a record with an authMode field being set to a value it has no access to. With authMode_enforce not being set to strict, the editor was still able to edit the record and set the value to something it had access to. With authMode_enforce being set to strict, the editor was not allowed to access the record. This has been streamlined: The backend interface no longer renders those records for the editor and an "access denied" message is rendered instead. To prevent this, a group this editor is member of needs to be adapted to allow access to this particular value in the "Explicitly allow field values" (explicit_allowdeny) field.