This week's giveaways are in the MongoDB and Jobs Discussion forums. We're giving away four copies of Mongo DB Applied Patterns and 4 resume reviews from Five Year Itch and have the authors/reps on-line! See this thread and this one for details.
- Created a role named "Test Role". Currently, there are no permissions assigned to the role.
- Created a user named "Katy".
- Assigned the "Test role" to "Katy". Removed the “Power User” role.
- Now, admin user views the public page of the user and add a portlet named "My Test Portlet".
- Admin user sign-out
- Logged-in as Katy and views the home page. The user is able to see the home page with "My Test Portlet".
My question: How the user katy is able to view the "My Test Portlet" as the "Test Role" do not have any privileges. I expect the user should see the error message “Access denied”. Please clarify my doubt.