Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EZP-30978: fix issue when location limitation is used on content/edit policy #2780

Closed
wants to merge 1 commit into from
Closed

EZP-30978: fix issue when location limitation is used on content/edit policy #2780

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 9 additions & 2 deletions eZ/Publish/Core/Limitation/LocationLimitationType.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
use eZ\Publish\API\Repository\Values\User\Limitation\LocationLimitation as APILocationLimitation;
use eZ\Publish\API\Repository\Values\User\Limitation as APILimitationValue;
use eZ\Publish\API\Repository\Values\Content\Query\Criterion;
use eZ\Publish\SPI\Limitation\Target\Version;
use eZ\Publish\SPI\Limitation\Type as SPILimitationTypeInterface;
use eZ\Publish\Core\FieldType\ValidationError;
use eZ\Publish\SPI\Persistence\Content\Location as SPILocation;
Expand Down Expand Up @@ -114,6 +115,8 @@ public function buildValue(array $limitationValues)
*/
public function evaluate(APILimitationValue $value, APIUserReference $currentUser, ValueObject $object, array $targets = null)
{
$targets = $targets ?? [];

if (!$value instanceof APILocationLimitation) {
throw new InvalidArgumentException('$value', 'Must be of type: APILocationLimitation');
}
Expand All @@ -131,12 +134,16 @@ public function evaluate(APILimitationValue $value, APIUserReference $currentUse
);
}

$targets = array_filter($targets, function ($target) {
return !$target instanceof Version;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The actual bug exists in the implementation of \eZ\Publish\Core\Repository\Permission\PermissionResolver::lookupLimitations.
An instance of Target should be passed to TargetAwareType Limitation type only, which canUser takes into the account. The lookupLimitation method needs to behave the same way. // cc @mikadamczyk

While this fix works for LocationLimitation, there might be similar issues

Ref:

  • \eZ\Publish\SPI\Limitation\TargetAwareType,
  • \eZ\Publish\SPI\Limitation\Target.

});

// Load locations if no specific placement was provided
if ($targets === null) {
if (empty($targets)) {
if ($object->published) {
$targets = $this->persistence->locationHandler()->loadLocationsByContent($object->id);
} else {
// @todo Need support for draft locations to to work correctly
// @todo Need support for draft locations to work correctly
$targets = $this->persistence->locationHandler()->loadParentLocationsForDraftContent($object->id);
}
}
Expand Down