Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-23341

Incorrect role/policy subtree limitation handling in section/assign

    Details

      Description

      When a user/group has multiple roles assigned, and one of the roles has a subtree limitation, section/assign will not consider other (more permissive) roles/policies.

      Steps to reproduce:
      1. Create role 1: section, assign, NewSection( Standard , Media , Restricted )
      2. Create role 2: section, assign, NewSection( Standard , Media , Restricted )
      3. Create Folder 'TestFolder' under root, and article 'TestArticle' beneath.
      4. Create user 'TestUser' under group Editors
        1. Assign role1 to 'TestUser' with subtree limitation /TestFolder
        2. Assign role2 to 'TestUser' without limitations.
      5. Login with 'TestUser'
        1. Edit 'TestArticle', verify that modifying section works as intended.
        2. Edit other content outside of the '/TestFolder' path, verify that setting section does not work.

      The following will be displayed in error.log:

      [ Sep 12 2014 18:23:49 ] [127.0.0.1] :
      You do not have permissions to assign the section <Media> to the object <OtherArticle>.
      

        Issue Links

          Activity

          Joao Inacio (Inactive) created issue -
          Joao Inacio (Inactive) made changes -
          Field Original Value New Value
          Link This issue relates to EZP-17219 [ EZP-17219 ]
          Joao Inacio (Inactive) made changes -
          Status Open [ 1 ] Confirmed [ 10037 ]
          Joao Inacio (Inactive) made changes -
          Remote Link This issue links to "PR (Web Link)" [ 14309 ]
          Paulo Lopes (Inactive) made changes -
          Status Confirmed [ 10037 ] InputQ [ 10001 ]
          Damien Pobel (Inactive) made changes -
          Assignee Yannick Roger [ yannick.roger@ez.no ]
          Yannick Roger (Inactive) made changes -
          Status InputQ [ 10001 ] Development [ 3 ]
          Yannick Roger (Inactive) made changes -
          Status Development [ 3 ] Development review [ 10006 ]
          Affects Version/s 2014.07 [ 13481 ]
          Affects Version/s 5.2 [ 12582 ]
          Affects Version/s 5.1 [ 11280 ]
          Affects Version/s 5.3 [ 11282 ]
          Affects Version/s 5.0 [ 10300 ]
          Affects Version/s 5.4-dev [ 13485 ]
          Yannick Roger (Inactive) made changes -
          Status Development review [ 10006 ] Development Review done [ 10028 ]
          Fix Version/s 4.7 Maintenance [ 12583 ]
          Fix Version/s 5.0 Maintenance [ 11287 ]
          Fix Version/s 5.1 Maintenance [ 12301 ]
          Fix Version/s 5.2 Maintenance [ 12782 ]
          Fix Version/s 5.4 [ 13180 ]
          Fix Version/s 5.3.3 [ 13484 ]
          Fix Version/s 2014.09 [ 13681 ]
          Yannick Roger (Inactive) made changes -
          Status Development Review done [ 10028 ] Documentation done [ 10011 ]
          Rui Silva (Inactive) made changes -
          Status Documentation done [ 10011 ] QA [ 10008 ]
          Assignee Yannick Roger [ yannick.roger@ez.no ] Rui Silva [ rui.silva@ez.no ]
          Joao Inacio (Inactive) made changes -
          Link This issue relates to EZP-23263 [ EZP-23263 ]
          Rui Silva (Inactive) made changes -
          Assignee Rui Silva [ rui.silva@ez.no ]
          Status QA [ 10008 ] Closed [ 6 ]
          Resolution Fixed [ 1 ]
          Rui Silva (Inactive) made changes -
          Resolution Fixed [ 1 ]
          Status Closed [ 6 ] Reopened [ 4 ]
          Rui Silva (Inactive) made changes -
          Status Reopened [ 4 ] Closed [ 6 ]
          Resolution Fixed [ 1 ]
          Rui Silva (Inactive) made changes -
          Resolution Fixed [ 1 ]
          Status Closed [ 6 ] Reopened [ 4 ]
          Rui Silva (Inactive) made changes -
          Remaining Estimate 0 minutes [ 0 ]
          Time Spent 1 day [ 28800 ]
          Worklog Id 50636 [ 50636 ]
          Rui Silva (Inactive) made changes -
          Status Reopened [ 4 ] Closed [ 6 ]
          Resolution Fixed [ 1 ]
          André Rømcke made changes -
          Workflow eZ Engineering Scrumban Workflow [ 64438 ] EZ* Development Workflow [ 85343 ]
          Alex Schuster made changes -
          Workflow EZ* Development Workflow [ 85343 ] EZEE Development Workflow [ 124159 ]

            People

            • Assignee:
              Unassigned
              Reporter:
              Joao Inacio (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 day
                1d