[CMS-12433] ContentThreadTool fails in case of insufficient rights - JIRA Ametys

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: 4.9.0
Affects Version/s: 4.8.12, 4.9.0
Component/s: None
Labels:
None

A user can have access to the Content thread tool on some content and not others.
When selecting a content where I have no right, the following error occurs :

The user UserIdentity [login=mag, population=ldap] tried to access the callable method [public java.util.List&lt;java.util.Map&lt;java.lang.String, java.lang.Object>> org.ametys.cms.repository.comment.contributor.ui.ContentThreadClientSideElement.getThread(java.lang.String)] without sufficient rights
org.ametys.runtime.authentication.AccessDeniedException: The user UserIdentity [login=mag, population=ldap] tried to access the callable method [public java.util.List&lt;java.util.Map&lt;java.lang.String, java.lang.Object>> org.ametys.cms.repository.comment.contributor.ui.ContentThreadClientSideElement.getThread(java.lang.String)] without sufficient rights

The tool should check if the user has sufficient rights before calling the callable or handle this error gracefully.
See the history tool for exemple that display a label indicating insufficient right on selection

discovered while testing

CMS-12432 History tool failed with an user with contributor rights

Resolved

Assignee:: Unassigned

Reporter:: Guillaume Gouin

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 27/May/25 12:14

Updated:: 27/May/25 12:14

Details

Description

Attachments

Issue Links

Activity

People

Dates