Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-22028

Anonymous role in demo site package contains content/view_embed policy that is too wide

    Details

      Description

      Package ref: http://packages.ez.no/ezpublish/5.2/5.2.0/ezdemo_site.ezpkg
      Added in https://github.com/ezsystems/ezdemo/commit/b76ba26a84f5be7fed8d4689d331a916f70ac6b4

      Anonymous user having content/view_embed without limitations will cause embedding of content that it can not read. This includes relation links as well.

      The policy should probably be amended to mirror content/read policy.

        Issue Links

          Activity

          Petar Spanja (Inactive) created issue -
          Petar Spanja (Inactive) made changes -
          Field Original Value New Value
          Link This issue relates to EZP-20388 [ EZP-20388 ]
          Petar Spanja (Inactive) made changes -
          Link This issue discovered while testing EZP-21438 [ EZP-21438 ]
          Paulo Lopes (Inactive) made changes -
          Fix Version/s Customer request [ 11018 ]
          Paulo Lopes (Inactive) made changes -
          Status Open [ 1 ] Confirmed [ 10037 ]
          Gunnstein Lye made changes -
          Status Confirmed [ 10037 ] InputQ [ 10001 ]
          Petar Spanja (Inactive) made changes -
          Status InputQ [ 10001 ] Development [ 3 ]
          Assignee Petar Spanja [ petar.spanja@ez.no ]
          Yannick Roger (Inactive) made changes -
          Assignee Petar Spanja [ petar.spanja@ez.no ] Yannick Roger [ yannick.roger@ez.no ]
          Petar Spanja (Inactive) made changes -
          Remaining Estimate 0 minutes [ 0 ]
          Time Spent 1 hour [ 3600 ]
          Worklog Id 43521 [ 43521 ]
          Yannick Roger (Inactive) made changes -
          Time Spent 1 hour [ 3600 ] 4 hours [ 14400 ]
          Worklog Id 43530 [ 43530 ]
          Yannick Roger (Inactive) made changes -
          Status Development [ 3 ] Development review [ 10006 ]
          Affects Version/s 5.1 [ 11280 ]
          Fix Version/s 5.3 [ 11282 ]
          Yannick Roger (Inactive) made changes -
          Status Development review [ 10006 ] Development Review done [ 10028 ]
          Affects Version/s 5.3-dev [ 12979 ]
          Fix Version/s 5.3 [ 11282 ]
          Fix Version/s 5.1 Maintenance [ 12301 ]
          Fix Version/s 5.2 Maintenance [ 12782 ]
          Yannick Roger (Inactive) made changes -
          Time Spent 4 hours [ 14400 ] 5 hours [ 18000 ]
          Worklog Id 43550 [ 43550 ]
          Yannick Roger (Inactive) made changes -
          Status Development Review done [ 10028 ] Documentation done [ 10011 ]
          Pedro Resende (Inactive) made changes -
          Status Documentation done [ 10011 ] QA [ 10008 ]
          Assignee Yannick Roger [ yannick.roger@ez.no ] Pedro Resende [ pedro.resende@ez.no ]
          Paulo Lopes (Inactive) made changes -
          Comment [ A comment with security level 'Employees' was removed. ]
          Paulo Nunes (Inactive) made changes -
          Fix Version/s Customer request [ 11018 ]
          Pedro Resende (Inactive) made changes -
          Assignee Pedro Resende [ pedro.resende@ez.no ]
          Status QA [ 10008 ] Closed [ 6 ]
          Resolution Fixed [ 1 ]
          Pedro Resende (Inactive) made changes -
          Resolution Fixed [ 1 ]
          Status Closed [ 6 ] Reopened [ 4 ]
          Pedro Resende (Inactive) made changes -
          Time Spent 5 hours [ 18000 ] 7 hours, 30 minutes [ 27000 ]
          Worklog Id 43578 [ 43578 ]
          Pedro Resende (Inactive) made changes -
          Status Reopened [ 4 ] Closed [ 6 ]
          Resolution Fixed [ 1 ]
          Petar Spanja (Inactive) made changes -
          Resolution Fixed [ 1 ]
          Status Closed [ 6 ] Reopened [ 4 ]
          Petar Spanja (Inactive) made changes -
          Time Spent 7 hours, 30 minutes [ 27000 ] 1 day, 3 hours, 30 minutes [ 41400 ]
          Worklog Id 44874 [ 44874 ]
          Petar Spanja (Inactive) made changes -
          Status Reopened [ 4 ] Closed [ 6 ]
          Resolution Fixed [ 1 ]
          Petar Spanja (Inactive) made changes -
          Resolution Fixed [ 1 ]
          Status Closed [ 6 ] Reopened [ 4 ]
          Petar Spanja (Inactive) made changes -
          Time Spent 1 day, 3 hours, 30 minutes [ 41400 ] 2 days, 30 minutes [ 59400 ]
          Worklog Id 44875 [ 44875 ]
          Petar Spanja (Inactive) made changes -
          Status Reopened [ 4 ] Closed [ 6 ]
          Resolution Fixed [ 1 ]
          Petar Spanja (Inactive) made changes -
          Resolution Fixed [ 1 ]
          Status Closed [ 6 ] Reopened [ 4 ]
          Petar Spanja (Inactive) made changes -
          Time Spent 2 days, 30 minutes [ 59400 ] 2 days, 50 minutes [ 60600 ]
          Worklog Id 44876 [ 44876 ]
          Petar Spanja (Inactive) made changes -
          Status Reopened [ 4 ] Closed [ 6 ]
          Resolution Fixed [ 1 ]
          André Rømcke made changes -
          Workflow eZ Engineering Scrumban Workflow [ 60258 ] EZ* Development Workflow [ 84555 ]
          Alex Schuster made changes -
          Workflow EZ* Development Workflow [ 84555 ] EZEE Development Workflow [ 123215 ]

            People

            • Assignee:
              Unassigned
              Reporter:
              Petar Spanja (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 days, 50 minutes
                2d 50m