Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-21559

Add user check when assigning a permission

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 8.10, 9.1-SNAPSHOT
    • Fix Version/s: 8.10-HF02, 9.1
    • Component/s: Automation
    • Tags:
    • Backlog priority:
      600
    • Upgrade notes:
      Hide

      Check the existence of the input user name or group name before adding a permission: a NuxeoException will be raised if user or group does not exist in the Nuxeo as "User or group name 'xxx' does not exist. Please provide a valid name."

      Show
      Check the existence of the input user name or group name before adding a permission: a NuxeoException will be raised if user or group does not exist in the Nuxeo as "User or group name 'xxx' does not exist. Please provide a valid name."
    • Sprint:
      NOS 9.1.5
    • Story Points:
      3

      Description

      1. create the following chain: 
        - Context.FetchDocument
- Document.AddPermission:
    permission: Read
    username: kvjeniozernofiuzehrt
    acl: local
    blockInheritance: "false"
    notify: "false"
      2. create a button in User actions to trigger the chain on a current document
      3. synchronize the project with Nuxeo server
      4. check there is no user named kvjeniozernofiuzehrt
      5. create a Document
      6. trigger the chain
      7. check the permission tab, a Read permission has been give to user kvjeniozernofiuzehrt

      This is actually done here:
      https://github.com/nuxeo/nuxeo/blob/master/nuxeo-features/nuxeo-automation/nuxeo-automation-core/src/main/java/org/nuxeo/ecm/automation/core/operations/document/AddPermission.java

      The code does not check that the username corresponds to an entry in the user directory. Same problem for group directory as well.

        Attachments

          Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. NXP-21889 Unable to add ACL on a document with a computed group and virtual user

          • Blocker - Blocks development and/or testing work, production could not run.
          • Resolved

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 day, 6 hours
                  1d 6h