[MAGNOLIA-8025] Show error message in log when permission is denied (read/write) Created: 14/Feb/14 Updated: 11/Mar/21 |
|
| Status: | Open |
| Project: | Magnolia |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Major |
| Reporter: | Marvin Kerkhoff | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Template: |
|
| Acceptance criteria: |
Empty
|
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
| Date of First Response: |
| Description |
|
Currently, if any code tries to access/write data without the relevant permission given to the currently logged in user (or anonymous if you're not logged in), no error is shown in the log file! I believe this is an extremely common issue coming up to many developers, whether new to Magnolia CMS or advanced. |
| Comments |
| Comment by Adrien Berthou [ 27/Feb/14 ] |
|
1. As a developer/tester/support, I want the relevant error message showed in the log file when a permission is denied. 2. As a developer/tester/support, I want to be able to enable/disable this feature via configuration in the admin panel. 3. Just an idea/inspiration: a cool feature could also be to add an actual message on the page itself, such as "Some content could not be shown because you do not have the required permission". This would force the developer to make the necessary checks before trying to access data that is not supposed to be for "the whole world". This could be very useful for http://wiki.magnolia-cms.com/display/DEV/Concept+-+Personalization |
| Comment by Richard Gange [ 11/Mar/21 ] |
|
As far as logging is concerned JR's org.apache.jackrabbit.core.security package could be turned on either in the log4j file or using the Log Tools app. All the access control is handled at that level. |