Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-25141

Atomic permission should be returned by BasePermissionsJsonEnricher

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 9.10-HF10
    • Fix Version/s: 9.10-HF11, 10.2
    • Component/s: Rest API
    • Release Notes Summary:
      All permissions are returned when the ACL enricher is used.
    • Tags:
    • Backlog priority:
      700
    • Sprint:
      nxGang Sprint 10.2.7, nxGang Sprint 10.2.8
    • Story Points:
      2

      Description

      1. in Studio create a document type mydoctype
      2. in the edit layout add the following:
            <nuxeo-connection id="myconn" user="{{currentUser}}"></nuxeo-connection>
            
                <dom-if if="[[_hasPermission(document, 'ReadWrite')]]">
              <template>
                aaaa
              </template>
            </dom-if>
        
      3. add the following function in the Polymer script section:
        ,
              _hasPermission(document, perm) {
                const permissions = this.document && this.document.contextParameters && this.document.contextParameters.permissions;
                console.log(permissions);
                console.log(this.currentUser);
        
                return permissions && permissions.indexOf(perm) !== -1;
              }
        
      4. synch the project the project with the server
      5. create a document of type mydoctype
      6. create a user named robert
      7. give ReadWrite permission to user robert using the UI
      8. give WriteSecurity permission to user robert using the following curl (adapt it to match the document id of your environment):
        curl -s -u Administrator:Administrator -X POST -H 'Content-Type: application/json' -d '{"params":{"username":"robert","email":null,"permission":"WriteSecurity","begin":null,"end":null,"notify":false,"comment":""},"context":{},"input":"41e40a83-8afc-4903-ae9c-280facc1818b"}' http://localhost:8080/nuxeo/api/v1/automation/Document.AddPermission
        
      9. refresh the UI
      10. double-check the WriteSecurity permission is present (see assignedPermissions.png)
      11. click the edit button
      12. observe the string aaaa is displayed (see visibleText.png)
      13. now modify the layout by replacing ReadWrite with WriteSecurity:
        <dom-if if="[[_hasPermission(document, 'WriteSecurity')]]">
        
      14. synch the project
      15. click the edit form
      16. observe the string aaaa is not displayed
      17. after some debugging it seems the WriteSecurity is not retrieved (see debuggedPermissions.png)

      Expected behavior: all the permissions should be fetched to use them when needed.

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 day, 15 minutes
                1d 15m

                  PagerDuty

                  Error rendering 'com.pagerduty.jira-server-plugin:PagerDuty'. Please contact your Jira administrators.