New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error when accessing the Links screen if the user doesn't have `View` rights to all folders on the host #9666

Open
john-thomas-dotcms opened this Issue Aug 25, 2016 · 0 comments

Comments

Projects
None yet
1 participant
@john-thomas-dotcms
Contributor

john-thomas-dotcms commented Aug 25, 2016

After assigning a Role Edit rights to the Link permissions for the host, if the user doesn't have View permissions for all folders on the host, then an error is displayed (instead of the screen) when the user attempts to view the Links screen. Tested locally in 3.5, 3.5.1 and 3.6 (latest nightly build 08/24), and on demo.

Steps to Reproduce

  1. Select System -> Roles & Tabs.
  2. Select the Publisher / Legal role.
  3. Select the Permissions tab.
  4. Add Site/Folder demo.dotcms.com.
  5. Under demo.dotcms.com, check the Publish rights of the Links permission.
  6. Press the Apply Changes button.
  7. Login As Chris Publisher
  8. Select Site Browser -> Links

Result

The Links screen is not displayed. Instead, the following error message appears:

An unexpected system error occurred.

dotcms.org.2795

Notes

  • The user/role must have View permissions on Folders under the host for the Links screen to display properly.
    • This is non-intuitive, but might make sense, since links must exist in some folder on the host.
  • Note that in this particular case, there actually are some links in a folder on the host that this user/role has permissions to view (in the /resources folder), and even those aren't displayed in the Links screen.
    • So it still seems a little wrong that a user/role needs view permissions for all folders on the host in order to be able to view the Links in the specific folders they have permissions for.
  • Whether or not this is OK from a required permissions standpoint, the display of a cryptic error instead of a normal error message is a problem.

Log File Messages

The following messages appear in the log file when the user attempts to display the Links screen:

[25/08/16 11:25:00:498 PDT] ERROR business.FolderAPIImpl: dotcms.org.2795
[25/08/16 11:25:00:498 PDT] ERROR action.ViewLinksAction: Exception e =dotcms.org.2795
com.dotmarketing.exception.DotSecurityException: dotcms.org.2795
at com.dotmarketing.portlets.folders.business.FolderAPIImpl.findParentFolder(FolderAPIImpl.java:148) ~[dotcms_3.5_g14af2ce.jar:?]
at com.dotmarketing.factories.WebAssetFactory.getAssetsAndPermissions(WebAssetFactory.java:2088) ~[dotcms_3.5_g14af2ce.jar:?]
at com.dotmarketing.portal.struts.DotPortletAction._viewWebAssets(DotPortletAction.java:665) [dotcms_3.5_g14af2ce.jar:?]
at com.dotmarketing.portal.struts.DotPortletAction._viewWebAssets(DotPortletAction.java:566) [dotcms_3.5_g14af2ce.jar:?]
at com.dotmarketing.portlets.links.action.ViewLinksAction.render(ViewLinksAction.java:43) [dotcms_3.5_g14af2ce.jar:?]
at com.liferay.portal.struts.PortletAction.execute(PortletAction.java:66) [dotcms_3.5_g14af2ce.jar:?]
at com.dotcms.repackage.org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:421) [dot.struts-1.2.4_2.jar:1.2.4]
at com.liferay.portal.struts.PortletRequestProcessor.processActionPerform(PortletRequestProcessor.java:192) [dotcms_3.5_g14af2ce.jar:?]
at com.dotcms.repackage.org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:226) [dot.struts-1.2.4_2.jar:1.2.4]
at com.liferay.portal.struts.PortletRequestProcessor.process(PortletRequestProcessor.java:91) [dotcms_3.5_g14af2ce.jar:?]
at com.liferay.portlet.StrutsPortlet.include(StrutsPortlet.java:148) [dotcms_3.5_g14af2ce.jar:?]
at com.liferay.portlet.StrutsPortlet.doView(StrutsPortlet.java:100) [dotcms_3.5_g14af2ce.jar:?]
at com.dotcms.repackage.javax.portlet.GenericPortlet.doDispatch(GenericPortlet.java:235) [dot.portlet-1.0_2.jar:?]
at com.dotcms.repackage.javax.portlet.GenericPortlet.render(GenericPortlet.java:163) [dot.portlet-1.0_2.jar:?]
at com.liferay.portlet.CachePortlet.render(CachePortlet.java:159) [dotcms_3.5_g14af2ce.jar:?]
at org.apache.jsp.html.portal.layout_jsp._jspService(layout_jsp.java:605) [ROOT/:?]
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) [jasper.jar:8.0.18]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) [servlet-api.jar:?]
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:431) [jasper.jar:8.0.18]
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:396) [jasper.jar:8.0.18]
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:340) [jasper.jar:8.0.18]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) [servlet-api.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:721) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:584) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:523) [catalina.jar:8.0.18]
at org.apache.jasper.runtime.JspRuntimeLibrary.include(JspRuntimeLibrary.java:934) [jasper.jar:8.0.18]
at org.apache.jsp.html.portal.layout_005fportal_jsp._jspService(layout_005fportal_jsp.java:2967) [ROOT/:?]
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) [jasper.jar:8.0.18]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) [servlet-api.jar:?]
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:431) [jasper.jar:8.0.18]
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:396) [jasper.jar:8.0.18]
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:340) [jasper.jar:8.0.18]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) [servlet-api.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) [tomcat-websocket.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:721) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:466) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:391) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:318) [catalina.jar:8.0.18]
at com.liferay.portal.struts.StrutsUtil.forward(StrutsUtil.java:72) [dotcms_3.5_g14af2ce.jar:?]
at com.liferay.portal.struts.PortalRequestProcessor.doForward(PortalRequestProcessor.java:174) [dotcms_3.5_g14af2ce.jar:?]
at com.dotmarketing.struts.PortalRequestProcessor.doForward(PortalRequestProcessor.java:51) [dotcms_3.5_g14af2ce.jar:?]
at com.dotcms.repackage.org.apache.struts.tiles.TilesRequestProcessor.processTilesDefinition(TilesRequestProcessor.java:237) [dot.struts-1.2.4_2.jar:1.2.4]
at com.dotcms.repackage.org.apache.struts.tiles.TilesRequestProcessor.processForwardConfig(TilesRequestProcessor.java:300) [dot.struts-1.2.4_2.jar:1.2.4]
at com.dotcms.repackage.com.oroad.stxx.plugin.StxxTilesRequestProcessor.processForwardConfig(StxxTilesRequestProcessor.java:134) [dot.stxx-1.3_2.jar:?]
at com.dotcms.repackage.org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:231) [dot.struts-1.2.4_2.jar:1.2.4]
at com.liferay.portal.struts.PortalRequestProcessor.process(PortalRequestProcessor.java:160) [dotcms_3.5_g14af2ce.jar:?]
at com.dotcms.repackage.org.apache.struts.action.ActionServlet.process(ActionServlet.java:1164) [dot.struts-1.2.4_2.jar:1.2.4]
at com.dotcms.repackage.org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:397) [dot.struts-1.2.4_2.jar:1.2.4]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:618) [servlet-api.jar:?]
at com.liferay.portal.servlet.MainServlet.callParentService(MainServlet.java:277) [dotcms_3.5_g14af2ce.jar:?]
at com.liferay.portal.servlet.MainServlet.service(MainServlet.java:506) [dotcms_3.5_g14af2ce.jar:?]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) [servlet-api.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) [tomcat-websocket.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at com.dotcms.repackage.com.liferay.filters.secure.SecureFilter.doFilter(SecureFilter.java:135) [dot.secure-filter-ukv_2.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at com.dotcms.repackage.org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:404) [dot.urlrewritefilter-4.0.3_2.jar:4.0.3]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at com.dotmarketing.filters.CMSFilter.doFilter(CMSFilter.java:244) [dotcms_3.5_g14af2ce.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at com.dotmarketing.filters.AutoLoginFilter.doFilter(AutoLoginFilter.java:61) [dotcms_3.5_g14af2ce.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at com.dotmarketing.cms.urlmap.filters.URLMapFilter.doFilter(URLMapFilter.java:307) [dotcms_3.5_g14af2ce.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at com.dotmarketing.filters.TimeMachineFilter.doFilter(TimeMachineFilter.java:174) [dotcms_3.5_g14af2ce.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at com.dotmarketing.filters.ThreadNameFilter.doFilter(ThreadNameFilter.java:90) [dotcms_3.5_g14af2ce.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at com.dotmarketing.filters.CookiesFilter.doFilter(CookiesFilter.java:33) [dotcms_3.5_g14af2ce.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at com.dotmarketing.filters.CharsetEncodingFilter.doFilter(CharsetEncodingFilter.java:146) [dotcms_3.5_g14af2ce.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219) [catalina.jar:8.0.18]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) [catalina.jar:8.0.18]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501) [catalina.jar:8.0.18]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142) [catalina.jar:8.0.18]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) [catalina.jar:8.0.18]
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:610) [catalina.jar:8.0.18]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) [catalina.jar:8.0.18]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:516) [catalina.jar:8.0.18]
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1086) [tomcat-coyote.jar:8.0.18]
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:659) [tomcat-coyote.jar:8.0.18]
at org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:223) [tomcat-coyote.jar:8.0.18]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1558) [tomcat-coyote.jar:8.0.18]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1515) [tomcat-coyote.jar:8.0.18]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [?:1.8.0_65]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [?:1.8.0_65]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:8.0.18]
at java.lang.Thread.run(Unknown Source) [?:1.8.0_65]
[25/08/16 11:25:00:502 PDT] ERROR servlet.MainServlet: dotcms.org.2795
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment