Hi there,
Well i got this issue or problem , in where a submission that is already on the Production tab, the author can access this tab that is restringed by default and modify the galley content, this author do not hace access to this seccion, and much less permissions, except those assigned by the author profile, and verify the role and everything is in order, what it detects is that if the author is in the same network where OJS operates, he has access to the production tab and can modify the galley, but if you try to access it with the same credentials but using the data of your cell phone, it will give you denied access (this should happen in any network the author uses, block by profile type)
As you may notice this is a serious security problem because any author can modify the file of your shipment that is already in production, I have already reviewed the profiles and roles of users and everything is in order, the funny thing is that do not restrict access to the production tab to authors if they are connected from the same network in which the OJS system is operating.
I await your comments and possible causes as well as solutions to this.
Beforehand thank you very much