page ACLs seem to get mixed up in special cases
-----------------------------------------------
Key: JSPWIKI-352
URL: https://issues.apache.org/jira/browse/JSPWIKI-352
Project: JSPWiki
Issue Type: Bug
Components: Authentication&Authorization
Affects Versions: 2.7.x
Reporter: Florian Holeczek
As reported on the mailing list before, I had some weird issues with pages
getting uneditable as if by a ghost's hand.
I was able to reproduce this error finally like following:
Insert the page ACL "allow view all" to the page named "EditPageHelp" (and
verify there's no other ACL).
Seems as if editing an arbitrary page after this, the page ACLs of the page to
be edited and the EditPageHelp are getting mixed up somehow. The result is,
that pages aren't editable at all (although they should be), or that there's an
error while saving the changes ("you're not allowed to do that, better luck
next time") and the page becomes uneditable from this moment on.
I didn't track it down to the source code, but I think this will be quite easy
now.
Also, I didn't test older releases, only the 2.7.x (current trunk).
Interesting to see that some pages only become uneditable only after trying to
edit them, while others are uneditable from the beginning on. Maybe the pattern
can be checked while debugging in order to get some hints for JSPWIKI-27.
Happy debugging!
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
