Details
-
Bug
-
Resolution: Fixed
-
High
-
3.10.1, 4.0.1
-
None
Description
- create a policy that has limitation
- put it in a role
- assign the role with a limitation
=> the policy will be stored in the cache files with a key like 'p_628_32'
Later on, ezuserfunctioncollection 'deserializes' the cache file, but does not grok it, and produces a bad sql query: select ... from ezpolicy_limitation where id = '628_32'.
I can condone using qutoes, but oracle does not condone coercing 628_32 to an int...
Suggested fix (removes the sql error. I am not 100% sure about it being correct wrt perms checking)
if ( $limitationKey != '*' ) { $policyID = str_replace( 'p_', '', $limitationKey ); //// if ( ( $p = strpos( $policyID, '_' ) ) !== false ) $policyID = substr( $policyID, 0, $p ); //// $limitationValue = eZPolicyLimitation::fetchByPolicyID( $policyID ); $resultArray[] = array( 'moduleName' => $moduleName, 'functionName' => $functionName, 'limitation' => $limitationValue ); }