Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-23121

5.2 Role Service API allows duplicate assignments with subtree limitations to user group

    XMLWordPrintable

    Details

    • Sprint:
      Castor Core S2, Castor Core S3, Castor Core S4

      Description

      Using the 5.2 API, it is possible to assign the same role with the same subtree limitations repeatedly.

      Setup:
      1. Create a user group
      2. Via the API, call the following:

      $group = $userService->loadUserGroup( <group ID> );
      $profileRole = $roleService->loadRoleByIdentifier( 'some_role' );
      $limitation = new SubtreeLimitation( array( 'limitationValues' => array( '/1/2/214/' ) ) );
      $roleService->assignRoleToUserGroup( $profileRole, $group, $limitation );
      // Second call
      $roleService->assignRoleToUserGroup( $profileRole, $group, $limitation );
      

      Expected:
      Looking at the user group in the admin interface, you should only see the single role

      Actual:
      You will see the role and limitation applied twice. Note: this does not occur when applying roles via the admin interface.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              ricardo.correia-obsolete@ez.no Ricardo Correia (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 1 day
                1d
                Remaining:
                Time Spent - 3 hours, 45 minutes Remaining Estimate - 4 hours, 15 minutes
                4h 15m
                Logged:
                Time Spent - 3 hours, 45 minutes Remaining Estimate - 4 hours, 15 minutes
                3h 45m