search

enonic / app-contentstudio

Content Studio of Enonic XP
GNU General Public License v3.0
10 stars 4 forks source link

ProjectAccessException after adding project role to an user #1766

Closed sgauruseu closed 4 years ago

sgauruseu commented 4 years ago

  1. Create new User with roles: Administration Console Login, Content Manager Expert, Content Manager App

  2. Open another browser and log in with the user.

  3. Switch to the first browser again , open new project wizard, fill in the display name, click on Custom radio and select the user in the selector:

image

  1. Save the project and go to the second browser window:

BUG: ProjectAccessException thrown and error notification appears:

image

com.enonic.xp.core.impl.project.ProjectAccessException: Denied [user:system:user9999]'' user9999'' user access to [pr1] project for [get] operation at com.enonic.xp.core.impl.project.ProjectPermissionsContextManagerImpl.initGetContext(ProjectPermissionsContextManagerImpl.java:47) at com.enonic.xp.core.impl.project.ProjectServiceImpl.callWithGetContext(ProjectServiceImpl.java:414) at com.enonic.xp.core.impl.project.ProjectServiceImpl.get(ProjectServiceImpl.java:242) at com.enonic.xp.admin.impl.rest.resource.project.ProjectResource.get(ProjectResource.java:155) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:138) at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:526) at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:415) at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$0(ResourceMethodInvoker.java:376) at org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:356)

ashklianko commented 4 years ago

@sgauruseu not reproduced, could you please also check now? Noticed one more thing: project list request for newly created user returns stale results after new project created in other browser window, so new project is not returned in list request until log out - log in

sgauruseu commented 4 years ago

Case 2: 1) Log in with the user in the first browser window. 2) Open the second browser window and log in with SU open the project and set Owner role to the user. Save the project image

3) Switch to the first browser window , open the project and try to update the description

BUG: error message appears and exception

com.enonic.xp.core.impl.project.ProjectAccessException: Denied [user:system:user1]'' user1'' user access to [qqqqq] project for [update] operation at com.enonic.xp.core.impl.project.ProjectPermissionsContextManagerImpl.initUpdateContext(ProjectPermissionsContextManagerImpl.java:81) at com.enonic.xp.core.impl.project.ProjectServiceImpl.callWithUpdateContext(ProjectServiceImpl.java:409) at com.enonic.xp.core.impl.project.ProjectServiceImpl.modify(ProjectServiceImpl.java:147) at com.enonic.xp.admin.impl.rest.resource.project.ProjectResource.modify(ProjectResource.java:85) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:138) at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:526) at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:415) at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$0(ResourceMethodInvoker.java:376) at org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.f

image

sgauruseu commented 4 years ago

Error message does not appear after the user is relogged in

alansemenov commented 4 years ago

Case 2 is not a bug. User has to log in again to get the new permissions. If there's no longer popup with error message when user didn't do anything, then this can be closed.

ashklianko commented 4 years ago

Case 1 is not reproduced, closing then