Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-6617

Rescue user created by RescueSecuritySupport has no powers on users workspace

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 5.4.10, 5.5
    • Component/s: core
    • Labels:
    • Sprint:
      Basel 68
    • Story Points:
      2
    • Magnolia Release:
      5.4.10, 5.5

      Description

      To reproduce

      No hint on the UI that something went wrong but looking in the logs one can see

      2016-03-30 10:37:01,579 ERROR info.magnolia.cms.security.JCRSessionOp           : Failed to execute info.magnolia.cms.security.MgnlUserManager$1@57a38fd0 session operation with info.magnolia.cms.security.RescueSecuritySupport$RescueUser cannot be cast to info.magnolia.cms.security.MgnlUser
      java.lang.ClassCastException: info.magnolia.cms.security.RescueSecuritySupport$RescueUser cannot be cast to info.magnolia.cms.security.MgnlUser
      	at info.magnolia.cms.security.MgnlUserManager$1.doExec(MgnlUserManager.java:138)
      	at info.magnolia.cms.security.MgnlUserManager$1.doExec(MgnlUserManager.java:134)
      	at info.magnolia.cms.security.SilentSessionOp.exec(SilentSessionOp.java:70)
      	at info.magnolia.context.MgnlContext.doInSystemContext(MgnlContext.java:392)
      	at info.magnolia.context.MgnlContext.doInSystemContext(MgnlContext.java:377)
      	at info.magnolia.cms.security.MgnlUserManager.setProperty(MgnlUserManager.java:134)
      	at info.magnolia.security.app.dialog.action.SaveUserDialogAction.createOrUpdateUser(SaveUserDialogAction.java:179)
      	at info.magnolia.security.app.dialog.action.SaveUserDialogAction.execute(SaveUserDialogAction.java:97)
      

      And no changes were persisted, of course.

      ------
      Solution
      All users returned by the RescueSecurityManager must be the actual ones coming from the users workspace, except superuser who is the in-memory, temporary RescueUser needed to access AdminCentral and fix the configuration.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              fgrilli Federico Grilli
              Reporter:
              fgrilli Federico Grilli
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Date of First Response:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0d
                  0d
                  Logged:
                  Time Spent - 3h
                  3h