Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-20949

Fatal error on versionview permission check

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Medium
    • Resolution: Fixed
    • 4.7.0, 5.0, 5.1
    • Customer request, 4.7.0, 5.0, 5.1
    • Permissions
    • None
    • eZ Publish 4.7

    Description

      Attempting to versionview an object's first version draft, for which user has no full privileges, results in a fatal error, if the container of the object has been removed.

      Steps to reproduce:
      • create a new section: my_restricted
      • create a role assigning privileges to create, read, versionview, assign section for this new section
      • create 1 editor users - editor_restricted. assign this new role (together with the basic editor role)
      • create 1 editor user - editor. assign the basic editor role alone
      • create a folder and assign it to section my_restricted
      • logged in as editor_restricted, create an article, within this folder and store it as a draft
      • on a different browser open the correspondent versionview/<objectid>/1/language, logged in with the regular editor user
      • remove the container folder
      • refresh the versionview page, with the regular editor user
      • result: fatal error while trying to verify if user has privileges to access to the object's parent.
      • accessing the versionview page with the user that has full permissions doesn't result in fatal error, since no checkAccess on parent is attempted

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              joaquim.cavalleri-obsolete@ez.no Joaquim Cavalleri (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 days, 3 hours
                  2d 3h