Major I have the following page access configuration :
- Page A (restricted to user1, user2)
- Page A1 (restricted to user2, user3)
- Page A2 (restricted to user1, user2)
The page A contains a filtered contents service.
When I access to page A with user1 on FO, I can see the contents of page A1 and page A2.
If I click on content of page A1, I have a AccessDeniedException
The content of page A1 should not appear on page A
[CMS-7197] Wrong access checking on a filtered contents service with private contents
Laurence Aumeunier
made changes -
| Status | Original: Resolved [ 5 ] | New: Closed [ 6 ] |
Laurence Aumeunier
made changes -
| Fix Version/s | New: 3.7.4 [ 12902 ] |
Laurence Aumeunier
made changes -
| Resolution | New: Fixed [ 1 ] | |
| Status | Original: Reopened [ 4 ] | New: Resolved [ 5 ] |
Laurence Aumeunier
made changes -
| Resolution | Original: Fixed [ 1 ] | |
| Status | Original: Resolved [ 5 ] | New: Reopened [ 4 ] |
Laurence Aumeunier
made changes -
| Resolution | New: Fixed [ 1 ] | |
| Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
Laurence Aumeunier
added a comment - Furthermore, the excluded users/groups are not take into account
Laurence Aumeunier
added a comment - Furthermore, the excluded users/groups are not take into account Laurence Aumeunier
made changes -
| Description |
Original:
I have the following page access configuration :
* Page A (restricted to user1, user2) ** Page A1 (restricted to user2, user3) ** Page A2 (restricted to user1, user2) The page A contains a filtered contents service. When I access to page A with user1 on FO, I can see the contents of page A1 and page A2. If I click on content of page A1, I have a AccessDeniedException The content of page A1 should not appear on page A |
New:
I have the following page access configuration :
* Page A (restricted to user1, user2) ** Page A1 (restricted to user2, user3) ** Page A2 (restricted to user1, user2) The page A contains a filtered contents service. When I access to page A with user1 on FO, I can see the contents of page A1 and page A2. If I click on content of page A1, I have a AccessDeniedException The content of page A1 should not appear on page A |
Laurence Aumeunier
made changes -
| Description |
Original:
I have the following page access configuration :
* Page A (user1, user2) * * Page A1 (user2, user3) * * Page A2 (user1, user2) The page A contains a filtered contents service. When I access to page A with user1 on FO, I can see the contents of page A1 and page A2. If I click on content of page A1, I have a AccessDeniedException The content of page A1 should not appear on page A |
New:
I have the following page access configuration :
* Page A (restricted to user1, user2) ** Page A1 (restricted to user2, user3) ** Page A2 (restricted to user1, user2) The page A contains a filtered contents service. When I access to page A with user1 on FO, I can see the contents of page A1 and page A2. If I click on content of page A1, I have a AccessDeniedException The content of page A1 should not appear on page A |
Laurence Aumeunier
made changes -
| Summary | Original: Wrong access checking on a filtered content service with private contents | New: Wrong access checking on a filtered contents service with private contents |
I have the following page access configuration :
The page A contains a filtered contents service sur "page access" limitation.
When I access to page A with user1 on FO, I can see the contents of page A1 and page A2.
If I click on content of page A1, I have a AccessDeniedException
The content of page A1 should not appear on page A.