Loading...
 

Category permission check for wiki page menu option not working in some cases

Status
Closed
Subject
Category permission check for wiki page menu option not working in some cases
Version
5.x
Category
  • Error
  • Consistency
Feature
Wiki (page view, edit, history, rename, etc)
Category
Menu
Submitted by
Rodrigo Primo
Lastmod by
Rodrigo Primo
Rating
(0)
Description

Wiki pages links are case insensitive but the category permission check for wiki pages menu entry only works if the case of the link matches the case of the wiki page name.

Say you have a wiki page called "Foo" and the "Registered" group has view permission to this page granted by a category. If you create a menu entry linking to the "Foo" page and set the URL as "Foo" everything will work as expected. But if you set the URL as "foo" the menu option will not appear to the users of the "Registered" group. Obviously for this to happen the "Registered" group must not have global tiki_p_view.

This does not happen if object permissions, instead of category permissions, grant access to the "Foo" page.

Solution

http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki?view=rev&revision=27364

The following patch (also attached) permanently fix the issue.

The method Perms_ResolverFactory_CategoryFactory::bulkLoadCategories() loads the property Perms_ResolverFactory_CategoryFactory::knownObjects with the list of objects and the categories they belong. The problem is that it does that by comparing the object name (in the case of menu options, the URL menu option value) with the itemId field of the table 'tiki_objects' in a case sensitive way. So it ends up loading a incomplete list of known objects.

Index: lib/core/lib/Perms/ResolverFactory/CategoryFactory.php
===================================================================
--- lib/core/lib/Perms/ResolverFactory/CategoryFactory.php	(revision 27307)
+++ lib/core/lib/Perms/ResolverFactory/CategoryFactory.php	(working copy)
@@ -95,7 +95,7 @@
 			$key = $this->objectKey( array_merge( $baseContext, array( 'object' => $v ) ) );
 
 			if( ! isset( $this->knownObjects[$key] ) ) {
-				$objects[$v] = $key;
+				$objects[strtolower($v)] = $key;
 				$this->knownObjects[$key] = array();
 			}
 		}
@@ -112,7 +112,7 @@
 
 		foreach( $result as $row ) {
 			$category = (int) $row['categId'];
-			$object = $row['itemId'];
+			$object = strtolower($row['itemId']);
 			$key = $objects[$object];
 			
 			$this->knownObjects[$key][] = $category;
Workaround
A easy workaround is to simply create the menu options matching the case of the wiki page name.
Rating (deprecated)
(0)
Ticket ID
3197
Created
Thursday 27 May, 2010 16:35:39 GMT-0000
LastModif
Sunday 30 May, 2010 00:25:51 GMT-0000

Attachments

 filenamecreatedhitscommentversionfiletype 
CategoryFactory.php.patch 27 May 10 16:39 GMT-000084Patch to fix the bug


Keywords

The following is a list of keywords that should serve as hubs for navigation within the Tiki development and should correspond to documentation keywords.

Each feature in Tiki has a wiki page which regroups all the bugs, requests for enhancements, etc. It is somewhat a form of wiki-based project management. You can also express your interest in a feature by adding it to your profile. You can also try out the Dynamic filter.

Accessibility (WAI & 508)
Accounting
Administration
Ajax
Articles & Submissions
Backlinks
Banner
Batch
BigBlueButton audio/video/chat/screensharing
Blog
Bookmark
Browser Compatibility
Calendar
Category
Chat
Comment
Communication Center
Consistency
Contacts Address book
Contact us
Content template
Contribution
Cookie
Copyright
Credits
Custom Home (and Group Home Page)
Database MySQL - MyISAM
Database MySQL - InnoDB
Date and Time
Debugger Console
Directory (of hyperlinks)
Documentation link from Tiki to doc.tiki.org (Help System)
Docs
DogFood
Draw
Dynamic Content
Preferences
Dynamic Variable
External Authentication
FAQ
Featured links
Feeds (RSS)
File Gallery
Forum
Friendship Network (Community)
Group
Help
History
Hotword
HTML Page
i18n (Multilingual, l10n, Babelfish)
Image Gallery
Import-Export
Install
Integrator
Interoperability
Inter-User Messages
InterTiki
jQuery
Kaltura video management
Karma
Live Support
Logs (system & action)
Lost edit protection
Mail-in
Map
Menu
Meta Tag
Missing features
Visual Mapping
Mobile
Mods
Modules
MultiTiki
MyTiki
Newsletter
Notepad
OS independence (Non-Linux, Windows/IIS, Mac, BSD)
Organic Groups (Self-managed Teams)
Packages
Payment
PDF
Performance Speed / Load / Compression / Cache
Permission
Poll
Profiles
Quiz
Rating
Realname
Report
Revision Approval
Scheduler
Score
Search engine optimization (SEO)
Search
Security
Semantic links
Share
Shopping Cart
Shoutbox
Site Identity
Slideshow
Smarty Template
Social Networking
Spam protection (Anti-bot CATPCHA)
Spellcheck
Spreadsheet
Staging and Approval
Stats
Survey
Syntax Highlighter (Codemirror)
Tablesorter
Tags
Task
Tell a Friend, alert + Social Bookmarking
Terms and Conditions
Theme
TikiTests
Timesheet
Token Access
Toolbar (Quicktags)
Tours
Trackers
TRIM
User Administration
User Files
User Menu
Watch
Webmail and Groupmail
WebServices
Wiki History, page rename, etc
Wiki plugins extends basic syntax
Wiki syntax text area, parser, etc
Wiki structure (book and table of content)
Workspace and perspectives
WYSIWTSN
WYSIWYCA
WYSIWYG
XMLRPC
XMPP




Useful Tools