search

passbolt / mobile-passbolt-ios

iOS mobile app for Passbolt, the open source password manager for teams.
https://apps.apple.com/nz/app/passbolt-password-manager/id1569629432
GNU Affero General Public License v3.0
27 stars 12 forks source link

PB-35271 - iOS app allows sharing when sharing is disabled (RBAC) #12

Open hhc97 opened 3 weeks ago

hhc97 commented 3 weeks ago

What you did

Turned Can see with whom passwords are shared with setting to Deny. Tried to share a password via the web client, was unable to do so. Tried to share the password with the iOS app, password was shared successfully and the recipient got an email. Server settings:

image

What happened

Password was shared successfully via the iOS app when the web client did not allow sharing

What you expected to happen

Both clients should behave the same way, either both clients don't allow sharing, or both allow sharing.

Server version: CE 4.9.1 iOS app version: 1.19.0 Web extension version: 4.9.3

cedricalfonsi commented 3 weeks ago

Hello @hhc97,

The Role-Based Access Control feature is currently incomplete on iOS and may not support all settings. There is no ETA at the moment, but the ticket will be updated once it is prioritized.

Internal ticket reference: PB-35271