Technote Number: 1174138
Problem:
The problem is due to the user having Editor and "Delete Documents" access to
the Resource Reservations database. If a person has Editor with "Delete
Documents" access they will be able to see the Delete Resource button when in a
room or resource document, and hence, have the ability to delete reservations.
The default setting in the Access Control List (ACL) of the Resource
Reservations database is Author with "Delete Documents", not Editor with
"Delete Documents".
This issue was reported to Quality Engineering as SPR# BKAN5TEMKR, and is fixed
in Domino 7.0.2 and 6.5.6.
Excerpt from the Lotus Notes and Domino Release 6.5.6 MR fix list (available at
http://www.ibm.com/developerworks/lotus):
Calendaring & Scheduling
SPR# BKAN5TEMKR - Prior to this fix, unauthorized users could delete
Rooms/Resources.
Refer to the Upgrade Central site for details on upgrading Notes/Domino. More >
|  |
|
|
|
|
|