View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000160 | WackoWiki | security | public | 2008-04-06 15:32 | 2012-02-22 18:24 |
| Reporter | administrator | Assigned To | Tann San | ||
| Priority | high | Severity | major | Reproducibility | have not tried |
| Status | resolved | Resolution | fixed | ||
| Target Version | 4.3.rc | Fixed in Version | 4.3.rc | ||
| Summary | 0000160: comments won't take the ACL settings of the page | ||||
| Description | this problem is new | ||||
| Steps To Reproduce | create a page with ACL $,$,$ write a comment on this page look into the ACL table for the comment result | Comment45 | comment45 | read | * | but it should be | Comment45 | comment45 | read | $ | for this example | ||||
| Additional Information | /classes/wacko.php function SavePage | ||||
| Tags | No tags attached. | ||||
|
|
Comments now receive the same "read" property as their parent page. If you change the ACL for just that page then the comments for that page also get changed. If you do a Mass ACL change then all sub pages including all sub pages comments get changed. |
|
|
this seems not work if you create a new comment on a page which has Read ACL GroupOne GroupTwo if you change the ACL setting itself the correct acl setting were applied to the comments too / afterwards |
|
|
I created two groups in the config file. Then I created a new page called CommentTest. I gave that page these ACL settings: Read Group1 Group2 Write $ Comments $ Then I wrote a new comment. In SQL it shows the comment read permissions as Group1.Group2 which is correct. If I then change the page read permission back to $ then it also does the comments for that page which is also correct. |
|
|
after you fixed the bug I worked on the comment feed and suddenly a comment from a protected page was shown in the comment feed can't reproduce it again so I close the bug if OK and if it occurs again we can reopen it later |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2008-04-06 15:32 | administrator | New Issue | |
| 2008-04-06 15:32 | administrator | Status | new => assigned |
| 2008-04-06 15:32 | administrator | Assigned To | => Tann San |
| 2008-04-06 15:32 | administrator | Legacy | => NEW |
| 2008-04-06 15:35 | administrator | Description Updated | |
| 2008-04-06 15:35 | administrator | Steps to Reproduce Updated | |
| 2008-04-06 15:35 | administrator | Additional Information Updated | |
| 2008-04-06 15:36 | administrator | Relationship added | related to 0000148 |
| 2008-04-06 15:40 | administrator | Relationship added | child of 0000106 |
| 2008-04-18 13:33 | Tann San | Status | assigned => resolved |
| 2008-04-18 13:33 | Tann San | Fixed in Version | => 5.0.0 |
| 2008-04-18 13:33 | Tann San | Resolution | open => fixed |
| 2008-04-18 13:33 | Tann San | Note Added: 0000314 | |
| 2008-06-01 22:39 | administrator | Note Added: 0000347 | |
| 2008-06-01 22:43 | administrator | Resolution | fixed => reopened |
| 2008-06-01 22:44 | administrator | Status | resolved => assigned |
| 2008-06-16 15:53 | Tann San | Note Added: 0000373 | |
| 2008-06-16 15:54 | Tann San | Status | assigned => feedback |
| 2008-06-30 11:11 | administrator | Note Added: 0000390 | |
| 2008-06-30 11:11 | administrator | Status | feedback => resolved |
| 2008-06-30 11:11 | administrator | Resolution | reopened => fixed |
| 2009-08-19 09:22 | administrator | Fixed in Version | 5.0.0 => 4.3.rc |
| 2009-08-19 09:39 | administrator | Target Version | 5.0.0 => 4.3.rc |
| 2010-03-08 10:22 | administrator | Category | Security => security |
| 2012-02-22 18:19 | administrator | Relationship added | parent of 0000256 |
| 2012-02-22 18:24 | administrator | View Status | private => public |
