Details
-
Bug
-
Resolution: Unresolved
-
High
-
None
-
1.7.6, 1.12.1
-
None
-
None
Description
Without permissions to read user's data (but with the user still existing) editor is getting an error when editing the Landing Page
Setup:
- An additional admin user ("admin2") assigned to "Administrator" Role. User is located in /Users/.
- Additional user ("test_user") assigned to new "test" role with following limitations:
module function limitation user all function content create content edit content versionread content read Node: Users content read Subtree: Home, Media, Users/Administrator users, Users/Guest accounts, Users/Editors, Users/Anonymous Users
They should mean that "test_user" has "read" access to everything except for "admin2"'s data.
Steps to reproduce:
1. Login as admin2
2. Edit "Home" landing page and publish (an existing landing page, so that "admin2" is not the creator and EZEE-1795 does not apply)
3. Log out, log in as "test_user"
4. Edit "Home" landing page
5. Publish
Result:
1. Error bar: " The content cannot be published (Connection error : 401.)" is visible.
2. In the network tab the following response is displayed:
<?xml version="1.0" encoding="UTF-8"?> <ErrorMessage media-type="application/vnd.ez.api.ErrorMessage+xml"><errorCode>401</errorCode><errorMessage>Unauthorized</errorMessage><errorDescription>User does not have access to 'read' 'content'</errorDescription></ErrorMessage>
3. When going to "Home" Page again it can be seen that the Landing Page was in fact published, even though error was displayed.
Attachments
Issue Links
- discovered while testing
-
EZEE-1796 Cannot load versions information on Landing Page with removed editor
- Closed