[MGNLDMS-108] After fresh install of DMS, I cannot create folder, file or upload zip archive Created: 10/Nov/07 Updated: 17/Mar/09 Due: 14/Nov/07 Resolved: 13/Nov/07 |
|
| Status: | Closed |
| Project: | Document Management System (closed) |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major |
| Reporter: | Boris Kraft | Assignee: | Philipp Bärfuss |
| Resolution: | Not an issue | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
OSX, Camino |
||
| Template: |
|
| Acceptance criteria: |
Empty
|
| Date of First Response: |
| Description |
|
After a fresh install of Magnolia snapshot 3.1 and the DMS module, I am unable to create a file or folder if I am logged in as "Boris", a previously created user with superpowers. When I try to upload a zip archive, I get an alert: info.magnolia.cms.security.AccessDeniedException: User not allowed to Read path [/] I do not get any messages when I try to create a folder or file - it just silently fails. Of course the logs do the talking ERROR info.magnolia.module.admininterface.SaveHandlerImpl SaveHandlerImpl.java(save:215) 09.11.2007 19:37:01 User not allowed to Read path [/] After I log out as "Boris" and log in as superuser, I see the uploaded zip archive extracted exactly as it should be. Once I log back in as "Boris" I can now do everything without errors. |
| Comments |
| Comment by Magnolia International [ 10/Nov/07 ] |
|
So the issue would be more that a user lacking permissions doesn't get a proper error message? Is that specific to dms? |
| Comment by Boris Kraft [ 10/Nov/07 ] |
|
As I said I created a new user with "superpowers" i.e. a superuser role. Sorry if that was not clear. SO the permissions are not the issue, especially since everything works after the above steps. To repeat:
|
| Comment by Magnolia International [ 10/Nov/07 ] |
|
So, to be extra-clear: your user has a single role: "superuser", and no groups? Can you check the ACLs of that role after the dms installation ? Can superuser upload documents ? |
| Comment by Magnolia International [ 10/Nov/07 ] |
|
(and i mean the superuser user, here |
| Comment by Boris Kraft [ 10/Nov/07 ] |
|
yes, the superuser was able to create documents. And all I did was assign superuser role to the user "Boris", no groups, no other roles. Somehow it felt as if the superuser role update when installing the DMS (is that happening?) did not propagate to the user that was created before the installation of the DMS, until I logged in as superuser once. |
| Comment by Magnolia International [ 10/Nov/07 ] |
|
I'm sorry but I haven't been able to reproduce. Yes, the superuser role is updated when adding a new workspace, but that doesn't have to "propagate", roles are references, not copies. What could happen, however, is that the sessions being serialized, your permissions are kept until you logout/login, even if restart the server. Could it be that you didn't logout/login the user "Boris" while you installed DMS? |
| Comment by Boris Kraft [ 11/Nov/07 ] |
|
That is absolutely possible, yes. It would explain the behaviour. Do you want to create a task to dynamically update the unserialized session after a restart if an update has happend? It is related to the request that a change in user rights should propagate immediately (although that is usually meant in the way of blocking access immediately for a user) |