When we configure an ACL for a user, some functionality gets cut, though it does not affect UI elements. For example, when we grant a user only ‘read’ permission for tags, he is still able to enter the ‘Add Tag’ wizard by clicking the ‘Create Tag’ button, although this generates an error in the logs. We can avoid that scenario by overlaying action bar items and explicitly removing the related buttons for that user or group; however, it seems like a wrong idea, since we would have to overlay nearly every admin page available.
That’s why we want to know your view on that. Do you think it’s a matter of development mistakes, or is it the way it is supposed to be?
Thank you