Small bug with READ-ONLY Permission

1 view
Skip to first unread message

Dmitry A.

unread,
Jan 19, 2010, 8:35:28 PM1/19/10
to In-Portal Bugs Team
I think there is a small bug we need to check for READONLY
permission in Content Even Handler:


/**
* Checks for readonly permissions
*
* @param kEvent $event
*/
function OnUpdate(&$event)
{
if ($this->Application->CheckPermission('SYSTEM_ACCESS.READONLY',
1)) {
$event->status = erSTOP;
return;
}
parent::OnUpdate($event);
}

Should work well.

DA.

Dmitry A.

unread,
Jan 19, 2010, 8:50:08 PM1/19/10
to In-Portal Bugs Team
Forgot to add it's for In-Portal 5.0.2.

DA.

Dmitry Andrejev

unread,
Jan 19, 2010, 9:26:33 PM1/19/10
to In-Portal Bugs Team
Patch attached

--
You received this message because you are subscribed to the Google Groups "In-Portal Bugs Team" group.
To post to this group, send email to in-port...@googlegroups.com.
To unsubscribe from this group, send email to in-portal-bug...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/in-portal-bugs?hl=en.




Readonly_Permission_check_for_Content_Prefix-Dmitry-20100119-v1.patch

Alexander Obuhovich

unread,
Jan 20, 2010, 3:30:30 AM1/20/10
to in-port...@googlegroups.com
You've forgot to mention where you can actually see the effects of that patch, but I'll do it. ContentEventHander::OnUpdate method is used to save content block translation/contents.

If you'll do a little research in 'SYSTEM_ACCESS.READONLY' permission checking, that you will notice, that most of them are checked directly in kDBEventHandler class. But it looks like, that OnUpdate event was forgotten during session, where 'SYSTEM_ACCESS.READONLY' permission checks were placed. So the correct way is to place this code:


if ($this->Application->CheckPermission('SYSTEM_ACCESS.READONLY', 1)) {
    $event->status = erFAIL;
    return;
}

at the start of kDBEventHandler::OnUpdate event. Also notice, that it sets status to erFAIL, instead of erSTOP. See more about event statuses at http://guide.in-portal.org/eng/index.php/K4:%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D0%B0%D0%BD%D1%82%D1%8B .
--
Best Regards,

http://www.in-portal.com
http://www.alex-time.com

Dmitry A.

unread,
Jan 20, 2010, 12:09:01 PM1/20/10
to In-Portal Bugs Team
Hi Alex,

Yes, you are right here!

I just found a bad example where READONLY check was done, but looked
at kDBEventHandler and knew it was parent and probably we should added
there but thought it was too broad and decided to do it in a child
class.

Anyway will be attaching a new patch shortly.


DA

On Jan 20, 2:30 am, Alexander Obuhovich <aik.b...@gmail.com> wrote:
> You've forgot to mention where you can actually see the effects of that
> patch, but I'll do it. ContentEventHander::OnUpdate method is used to save
> content block translation/contents.
>
> If you'll do a little research in 'SYSTEM_ACCESS.READONLY' permission
> checking, that you will notice, that most of them are checked directly in
> kDBEventHandler class. But it looks like, that OnUpdate event was forgotten
> during session, where 'SYSTEM_ACCESS.READONLY' permission checks were
> placed. So the correct way is to place this code:
>
> if ($this->Application->CheckPermission('SYSTEM_ACCESS.READONLY', 1)) {
>     $event->status = erFAIL;
>     return;
>
> }
>
> at the start of kDBEventHandler::OnUpdate event. Also notice, that it sets

> status to erFAIL, instead of erSTOP. See more about event statuses athttp://guide.in-portal.org/eng/index.php/K4:%D0%9A%D0%BE%D0%BD%D1%81%....


>
> On Wed, Jan 20, 2010 at 4:26 AM, Dmitry Andrejev <dandre...@gmail.com>wrote:
>
>
>
>
>
> > Patch attached
>

> > On Tue, Jan 19, 2010 at 7:50 PM, Dmitry A. <dandre...@gmail.com> wrote:
>
> >> Forgot to add it's for In-Portal 5.0.2.
>
> >> DA.
>
> >> On Jan 19, 7:35 pm, "Dmitry A." <dandre...@gmail.com> wrote:
> >> > I think there is a small bug  we need to check for READONLY
> >> > permission in Content Even Handler:
>
> >> > /**
> >> >  * Checks for readonly permissions
> >> >  *
> >> >  * @param kEvent $event
> >> > */
> >> > function OnUpdate(&$event)
> >> > {
> >> >   if ($this->Application->CheckPermission('SYSTEM_ACCESS.READONLY',
> >> > 1)) {
> >> >    $event->status = erSTOP;
> >> >    return;
> >> >  }
> >> >  parent::OnUpdate($event);
>
> >> > }
>
> >> > Should work well.
>
> >> > DA.
>
> >> --
> >> You received this message because you are subscribed to the Google Groups
> >> "In-Portal Bugs Team" group.
> >> To post to this group, send email to in-port...@googlegroups.com.
> >> To unsubscribe from this group, send email to

> >> in-portal-bug...@googlegroups.com<in-portal-bugs%2Bunsubscribe@go oglegroups.com>


> >> .
> >> For more options, visit this group at
> >>http://groups.google.com/group/in-portal-bugs?hl=en.
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "In-Portal Bugs Team" group.
> > To post to this group, send email to in-port...@googlegroups.com.
> > To unsubscribe from this group, send email to

> > in-portal-bug...@googlegroups.com<in-portal-bugs%2Bunsubscribe@go oglegroups.com>

Dmitry Andrejev

unread,
Jan 20, 2010, 12:14:58 PM1/20/10
to In-Portal Bugs Team
Here the final Patch for this.

Task still needs to be created and will be included in In-Portal 5.0.3 release.


Cheers!

To unsubscribe from this group, send email to in-portal-bug...@googlegroups.com.
Readonly_Permission_check_for_Content_Prefix-Dmitry-20100120-v2.patch

Alexander Obuhovich

unread,
Mar 27, 2010, 6:34:41 PM3/27/10
to in-port...@googlegroups.com
Reply all
Reply to author
Forward
0 new messages