Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-22028

Anonymous role in demo site package contains content/view_embed policy that is too wide

    Details

      Description

      Package ref: http://packages.ez.no/ezpublish/5.2/5.2.0/ezdemo_site.ezpkg
      Added in https://github.com/ezsystems/ezdemo/commit/b76ba26a84f5be7fed8d4689d331a916f70ac6b4

      Anonymous user having content/view_embed without limitations will cause embedding of content that it can not read. This includes relation links as well.

      The policy should probably be amended to mirror content/read policy.

        Issue Links

          Activity

          Petar Spanja (Inactive) logged work - 28/Nov/13 3:25 PM
          • Time Spent:
            1 hour
             

            investigating, testing

          Petar Spanja (Inactive) logged work - 02/Dec/13 2:24 PM
          • Time Spent:
            4 hours
             

            investigating, fixing

          Petar Spanja (Inactive) logged work - 03/Dec/13 2:26 PM
          • Time Spent:
            5 hours
             

            testing

          Petar Spanja (Inactive) logged work - 04/Dec/13 2:26 PM
          • Time Spent:
            20 minutes
             

            testing

          Yannick Roger (Inactive) logged work - 11/Dec/13 5:23 PM
          • Time Spent:
            3 hours
             
            <No comment>
          Yannick Roger (Inactive) logged work - 12/Dec/13 9:50 AM
          • Time Spent:
            1 hour
             
            <No comment>
          Pedro Resende (Inactive) logged work - 12/Dec/13 5:48 PM
          • Time Spent:
            2 hours, 30 minutes
             

            Worked on story

            People

            • Assignee:
              Unassigned
              Reporter:
              Petar Spanja (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 days, 50 minutes
                2d 50m