Uploaded image for project: 'Front Edition'
  1. Front Edition
  2. FRONTEDIT-238

Front edition error: assigning rights for a page

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Blocker Blocker
    • 1.12.3, 1.13.0
    • None
    • None
    • 4.8.0 M6

      Steps to reproduce bug:

      -Use demo

      -Access the profile assignment tool

      -Remove the admin profile from the root of the sitemap

      -Assign administrator right on any page

      -Access the front office

      -Activate front edition and modify a content on that page

      -Save the content

      Bug:
      JS:

      [Ametys.cms.content.Content]    Une erreur inattendue est survenue lors du verrouillage ou déverrouilage de contenus (La réponse du serveur est incomplète et ne contient pas les informations permettant de continuer le traitement correctement.) 

      Ametys Stacktrace:

      Caused by: org.ametys.runtime.authentication.AccessDeniedException: User UserIdentity [login=XXXXX, population=utilisateurs] is not allowed to access front edition
at org.ametys.plugins.frontedition.DispatchGenerator#_setContextInRequestAttributes:80
at org.ametys.core.ui.dispatcher.DispatchGenerator#_dispatching:130
at org.ametys.core.ui.dispatcher.DispatchGenerator#generate:95
at org.apache.cocoon.components.pipeline.AbstractProcessingPipeline#processXMLPipeline:581
... 91 more

      This means that customers are going to have to assign rights on the root of the sitemap instead of the desired page which is very dangerous.

        1. image-2024-01-04-16-35-47-791.png
          image-2024-01-04-16-35-47-791.png
          137 kB

          [FRONTEDIT-238] Front edition error: assigning rights for a page

          James Hawken added a comment -

          tested on latest nightly demo

          James Hawken added a comment - tested on latest nightly demo

          Laurence Aumeunier added a comment -

          Since FRONTEDIT-237 resolution

          Laurence Aumeunier added a comment - Since FRONTEDIT-237 resolution

          Laurence Aumeunier added a comment -

          The administrator profil is not needed on sitemap. Only a profile with the right "Modification depuis le site".
          This right is necessary but not enough to edit a page and/or content. Right of edition are also needed.

          But here, I think the issue is that the current page cannot be retrieve. In this case the front edition right is check on sitemap instead of the page.

          Laurence Aumeunier added a comment - The administrator profil is not needed on sitemap. Only a profile with the right "Modification depuis le site". This right is necessary but not enough to edit a page and/or content. Right of edition are also needed. But here, I think the issue is that the current page cannot be retrieve. In this case the front edition right is check on sitemap instead of the page.

            laurence Laurence Aumeunier
            jhawken James Hawken
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: