Greetings!
I recently installed ckan version 2.8.7 on ubuntu 18.04 as package.
In my /usr/lib/ckan/default/src/ckan/ckan/authz.py file,
# these are the permissions that roles have
ROLE_PERMISSIONS = OrderedDict([
('admin', ['admin']),
('editor', ['read', 'delete_dataset', 'create_dataset', 'update_dataset', 'manage_group']),
('member', ['read', 'manage_group']),
])
when I tried to remove the 'delete_dataset' option from the editor role, I was still able to delete the dataset. Can someone please explain this behavior?
Moreover, when I tried to remove the 'manage_group' option , it gave me this error.
403 Forbidden
Access was denied to this resource.
Unauthorized to read package
Can't we alter the permissions in ckan?