When configuring the security against categories/objects in the designer, is the security cached in some way?
It appears that recently added K2 Roles are being ignored by K2's security model.
- I recently created a new K2 role with one user and configured security so that this new role has allow access.
- The new role is ignored, therefore the user is denied access.
- If I add the same user to an existing K2 role that already has access, there is no issue, it works.. user has access
I open K2 Designer, then right-hand click the parent category to view the Security, I can see that the following K2 roles have Allow access:
- Role A
- Role B
I then decide a new role is needed:
- I create a new role in K2 Management called Role C
- I add a new user called Bob
I then ensure Role C is granted access to the app:
- I edit the security in K2 Designer, I add Role C with Allow access
I then test the security:
- I ask Bob to try to access the app, he is denied. Test fails
I add Bob to Role A instead:
- I ask Bob to try to access the app, he can. Test passes
Do I have to restart the server or something for K2 to refresh it's cache or something? Is security cached?
At the moment, I've had to add users to incorrect K2 Roles, just so they have access to the app. This is confusing from a configuration stand-point, as they do not belong in the K2 Role.