Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-27092

Users with ReadWrite permission should be able to reply to comments and view replies

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 11.1-SNAPSHOT
    • Fix Version/s: 11.1, 2021.0
    • Component/s: Core
    • Tags:
    • Browser:
    • Sprint:
      nxplatform 11.1.15, nxplatform 11.1.16, nxplatform 11.1.17, nxplatform 11.1.18, nxplatform 11.1.19, nxplatform 11.1.20, nxplatform 11.1.21, nxplatform 11.1.22
    • Story Points:
      1

      Description

      Only users that are in the Members group or have at least ReadWrite permission on Domain can reply to comments and view others' replies.

      Steps to reproduce:

      Given the following document hierarchy in nightly:

      Domain
|_ Workspaces
   |_ Workspace
      |_ Workspace
         |_ Folder
            |_ File

      With the following users:

      • Administrator
      • user1 = belongs to members group, has no other permissions
      • user2 = does not belong to members but has ReadWrite permission on Domain
      • user3 = does not belong to members but has ReadWrite permission on Workspaces OR Workspace OR Folder OR File
      1. As Administrator, add a comment to the File.
      2. As user1, reply to the Administrator's comment on the File.
      3. As user2, navigate to the File and click on the link "1 Reply" under the Administrator's comment.
        => The reply is visible.
      4. Enter another reply.
        => Reply is successful.
      5. As user3, navigate to the File and click on the link "2 Replies" under the Administrator's comment.
        => Toaster notification displays:

        An error occurred while editing replies.

        => Replies are not visible.
        => Errors in console:

        main.bundle.js:12958 GET https://nightly.nuxeo.com/nuxeo/api/v1/id/1881ca21-21d4-452f-aebf-1cf8148257b1/@comment/?pageSize=10&currentPageIndex=0 403

/nuxeo/ui/#!/browse/default-domain/workspaces/Mr%20Workspace/Mr%20Folder/Mr%20File:1 Uncaught (in promise) {entity-type: "exception", status: 403, message: "Privilege 'Read' is not granted to 'mrreadwrite'"}
      1. Click inside the field and type a reply.
      2. Ctrl+Enter or click on the checkmark
        => Toaster notification displays:

        An error occurred while editing replies.

        => Errors in console:

        main.bundle.js:12958 POST https://nightly.nuxeo.com/nuxeo/api/v1/id/1881ca21-21d4-452f-aebf-1cf8148257b1/@comment/ 403

/nuxeo/ui/#!/browse/default-domain/workspaces/Mr%20Workspace/Mr%20Folder/Mr%20File:1 Uncaught (in promise) {entity-type: "exception", status: 403, message: "Privilege 'Read' is not granted to 'mrreadwrite'"}

      Not reproduced in JSF UI. No server log errors.

        Attachments

          Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. NEV-56 Allow external users to view annotations

          • Critical - Crashes, loss of data, severe memory leak.
          • Open

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 4 hours, 30 minutes
                  4h 30m