Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-20992

Wrong scope in contentViewGenerateError when using DFS and user-permissions

    XMLWordPrintable

    Details

      Description

      We've got a setup with 5.1.0alpha1 legacy stack and DFS Cluster. In addition to this we setup some objectstates like "online", "offline", "in queue". As long as the article is "in queue" or "offline" anonymous users have no read permission to this and get an "eZError::KERNEL_ACCESS_DENIED".
      No problem so far, but when we switch the state to "online" and clear the contentcache the access is still denied for anonymous.
      I started to debug this issue and find an interesting combination bug for clustered setups and user permissions.

      https://github.com/ezsystems/ezpublish-legacy/blob/master/kernel/classes/eznodeviewfunctions.php#L557

      In case of when the user have read permission to the currently viewed node an array with ['content', 'scope', 'store', 'binarydata'] is returned, but when there is no read permission at the moment self::contentViewGenerateError is called which return an array with only ['content', 'store', 'binarydata'].
      The scope => 'viewcache' is missing in this array. This causes a wrong INSERT query in dfsbackends/mysqli.php with no scope and wrong name_trunk set.

      var/site/cache/content/sa/3/5/9/35935-c86.cache var/site/cache/content/sa/3/5/9/35935-c86.cache b7c26ca6181e963320afe3b76a0573a1 misc UNKNOWN_SCOPE 1942 1370510251 0 0

      instead of:

      var/site/cache/content/sa/3/5/9/35935-c86.cache var/site/cache/content/sa/3/5/9/35935- b7c26ca6181e963320afe3b76a0573a1 misc viewcache 1942 1370510494 1 0

      In case of content cache clear all the rows are update equals to
      name_trunk = var/site/cache/content/sa/3/5/9/35935-
      this not matches the incorrectly generated rows with UNKNOWN_SCOPE and wrong name_trunk. So the cache is still presented as not expired as long as I do not clear all the caches.

      To fix this issue only one thing is todo:
      https://github.com/ezsystems/ezpublish-legacy/blob/master/kernel/classes/eznodeviewfunctions.php#L598

      static protected function contentViewGenerateError( eZModule $Module, $error, $store = true, array $errorParameters = array() )
          {
              return array(
                  'content' =>
                      $content = $Module->handleError(
                          $error,
                          'kernel',
                          $errorParameters
                      ),
      ++          'scope' => 'viewcache',
                  'store' => $store,
                  'binarydata' => serialize( $content ),
              );
          }
      

      The pull request is coming soon.

      Regards
      Max

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                myxwr Max Keil
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 days, 30 minutes
                  2d 30m