[MAGNOLIA-8570] Check commands permissions correctly if path is not specified Created: 27/Sep/22 Updated: 10/Oct/22 Resolved: 05/Oct/22 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | None |
| Affects Version/s: | 6.2.24 |
| Fix Version/s: | 6.3.0, 6.2.25 |
| Type: | Bug | Priority: | Blocker |
| Reporter: | Jonathan Ayala | Assignee: | Quach Hao Thien |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Σ Remaining Estimate: | Not Specified | Remaining Estimate: | Not Specified |
| Σ Time Spent: | 4d 3.5h | Time Spent: | 4d 3.5h |
| Σ Original Estimate: | Not Specified | Original Estimate: | Not Specified |
| Issue Links: |
|
||||||||||||||||||||||||||||||
| Sub-Tasks: |
|
||||||||||||||||||||||||||||||
| Template: | |||||||||||||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||||||||||||
| Task DoD: |
[X]*
Doc/release notes changes? Comment present?
[X]*
Downstream builds green?
[X]*
Solution information and context easily available?
[X]*
Tests
[X]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||||||||||||||||
| Bug DoR: |
[X]*
Steps to reproduce, expected, and actual results filled
[X]*
Affected version filled
|
||||||||||||||||||||||||||||||
| Date of First Response: | |||||||||||||||||||||||||||||||
| Epic Link: | Nucleus Security Maintenance | ||||||||||||||||||||||||||||||
| Sprint: | Nucleus 20 | ||||||||||||||||||||||||||||||
| Story Points: | 5 | ||||||||||||||||||||||||||||||
| Team: | |||||||||||||||||||||||||||||||
| Description |
Steps to reproduce
Expected resultsThe item is published. Actual resultsCaused by: info.magnolia.publishing.exception.PublicationException: <ul><li>null: User not allowed to Read path [dam/]</li></ul> (https://nightly.magnolia-cms.com/.magnolia/admincentral#app:logTools:list) WorkaroundDevelopment notesThis method should check the granted permissions by node UUID if path is not provided. |
| Comments |
| Comment by Quach Hao Thien [ 28/Sep/22 ] |
|
Discovery: The JcrExportCommand which is created manually in https://git.magnolia-cms.com/projects/MODULES/repos/publishing/browse/magnolia-publishing-core/src/main/java/info/magnolia/publishing/packager/Packager.java#155 without setting nodePath, hence it's always using "/" by default
JcrExportCommand exportCommand = new JcrExportCommand();
exportCommand.setPath(node.getPath());
|
| Comment by Roman Kovařík [ 29/Sep/22 ] |
|
Not sure if this is the proper solution. Commands can be executed by UUID or path (so only one of them is mandatory). There is already a method to get the node from the system context, we could get path from the node and then do the check in this method. |