Details
-
Bug
-
Resolution: Unresolved
-
High
-
None
-
None
-
None
Description
The root of the problem lies in the eZ kernel:
- the extension, when receiveing a delete-object REST call, deletes objects by calling the operation content/delete
- which calls method eZContentOperationCollection::deleteObject
- which calls eZContentObjectTreeNode::removeSubtrees
and the latter never returns false.
So the extension never knows what is going on, and returns "ok" to calling server even if object was never deleted.
The easy workaround is to tell users to always use the admin user for connecting from source to target servers, but
- it has to be documented
- it is not imho good practice, security-wise
The better workaround would be to patch eZContentObjectTreeNode::removeSubtrees, but it could have side issues...