Open Raymoz101 opened 2 years ago
I can confirm this. I have created a user with no rights at all. The user can still see and remove documents.
Paperless-ng as of today is not a multi-user application. The user management is only turned on to have the admin user. It is currently the top voted discussion #52
Describe the bug Additional users (made by the superuser), who are assigned only VIEW permissions can delete documents.
To Reproduce Steps to reproduce the behavior:
Expected behavior The user has only been granted view permissions, but they able to delete as well.
Screenshots If applicable, add screenshots to help explain your problem.
Webserver logs
Relevant information
docker-compose.yml
,docker-compose.env
orpaperless.conf
.