[MGNLDMS-108] After fresh install of DMS, I cannot create folder, file or upload zip archive Created: 10/Nov/07  Updated: 17/Mar/09  Due: 14/Nov/07  Resolved: 13/Nov/07

Status: Closed
Project: Document Management System (closed)
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major
Reporter: Boris Kraft Assignee: Philipp Bärfuss
Resolution: Not an issue Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

OSX, Camino


Template:
Acceptance criteria:
Empty
Date of First Response:

 Description   

After a fresh install of Magnolia snapshot 3.1 and the DMS module, I am unable to create a file or folder if I am logged in as "Boris", a previously created user with superpowers.

When I try to upload a zip archive, I get an alert:

info.magnolia.cms.security.AccessDeniedException: User not allowed to Read path [/]

I do not get any messages when I try to create a folder or file - it just silently fails. Of course the logs do the talking

ERROR info.magnolia.module.admininterface.SaveHandlerImpl SaveHandlerImpl.java(save:215) 09.11.2007 19:37:01 User not allowed to Read path [/]
info.magnolia.cms.security.AccessDeniedException: User not allowed to Read path [/]
at info.magnolia.cms.core.Access.isGranted(Access.java:42)
at info.magnolia.cms.core.DefaultContent.<init>(DefaultContent.java:123)
at info.magnolia.cms.core.DefaultHierarchyManager.getRoot(DefaultHierarchyManager.java:383)
at info.magnolia.module.admininterface.SaveHandlerImpl.getPageNode(SaveHandlerImpl.java:773)
at info.magnolia.module.admininterface.SaveHandlerImpl.save(SaveHandlerImpl.java:170)
at info.magnolia.module.admininterface.DialogMVCHandler.onSave(DialogMVCHandler.java:293)
at info.magnolia.module.admininterface.DialogMVCHandler.save(DialogMVCHandler.java:189)

After I log out as "Boris" and log in as superuser, I see the uploaded zip archive extracted exactly as it should be. Once I log back in as "Boris" I can now do everything without errors.



 Comments   
Comment by Magnolia International [ 10/Nov/07 ]

So the issue would be more that a user lacking permissions doesn't get a proper error message? Is that specific to dms?
Also, you don't tell us what permission that user has, so we're going to have a hard time guessing it

Comment by Boris Kraft [ 10/Nov/07 ]

As I said I created a new user with "superpowers" i.e. a superuser role. Sorry if that was not clear. SO the permissions are not the issue, especially since everything works after the above steps.

To repeat:

  • do a fresh install of Magnolia until it is runnung
  • create a new user called "Boris", assign role "superuser"
  • shutdown, add samples and DMS, restart, update
  • Login as "Boris"
  • try to use the DMS, creation of files, folders fails silently. Try to upload zipped archive, get error message above
  • Logout. Login as superuser
  • surprise: the zipped files have actually been unzipped and are in the DMS
  • logout. Login as "Boris" - and all DMS functionality works.
Comment by Magnolia International [ 10/Nov/07 ]

So, to be extra-clear: your user has a single role: "superuser", and no groups? Can you check the ACLs of that role after the dms installation ? Can superuser upload documents ?

Comment by Magnolia International [ 10/Nov/07 ]

(and i mean the superuser user, here )

Comment by Boris Kraft [ 10/Nov/07 ]

yes, the superuser was able to create documents. And all I did was assign superuser role to the user "Boris", no groups, no other roles.

Somehow it felt as if the superuser role update when installing the DMS (is that happening?) did not propagate to the user that was created before the installation of the DMS, until I logged in as superuser once.

Comment by Magnolia International [ 10/Nov/07 ]

I'm sorry but I haven't been able to reproduce.
I first tried without the samples modules (1st clean install, then added the dms module), everything seemed to work the way it should, then I added the samples module and it still works.

Yes, the superuser role is updated when adding a new workspace, but that doesn't have to "propagate", roles are references, not copies. What could happen, however, is that the sessions being serialized, your permissions are kept until you logout/login, even if restart the server. Could it be that you didn't logout/login the user "Boris" while you installed DMS?

Comment by Boris Kraft [ 11/Nov/07 ]

That is absolutely possible, yes. It would explain the behaviour. Do you want to create a task to dynamically update the unserialized session after a restart if an update has happend? It is related to the request that a change in user rights should propagate immediately (although that is usually meant in the way of blocking access immediately for a user)

Generated at Mon Feb 12 00:48:30 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.