MMBase

Error: Operation 'change context' on 752 (default) was NOT permitted to foo

Details

  • Type: Bug Bug
  • Status: Resolved Resolved
  • Priority: Major Major
  • Resolution: Cannot Reproduce
  • Affects Version/s: 1.9.1
  • Fix Version/s: 1.9.6
  • Component/s: Taglib
  • Description:
    Hide
    <mm:fieldlist type="edit" fields="owner" > etc. has the effect that the owner field does get changed (or tried to) although it is not being edited. And in this security setup default can be changed by a basic user (it can to admin only, but still).

    Operation 'change context' on 752 (default) was NOT permitted to foo
    org.mmbase.security.SecurityException: Operation 'change context' on 752 (default) was NOT permitted
     to foo
            at org.mmbase.security.implementation.context.ContextAuthorization.verify(ContextAuthorization
    .java:448)
            at org.mmbase.bridge.implementation.BasicCloud.verify(BasicCloud.java:608)
    Show
    <mm:fieldlist type="edit" fields="owner" > etc. has the effect that the owner field does get changed (or tried to) although it is not being edited. And in this security setup default can be changed by a basic user (it can to admin only, but still). Operation 'change context' on 752 (default) was NOT permitted to foo org.mmbase.security.SecurityException: Operation 'change context' on 752 (default) was NOT permitted  to foo         at org.mmbase.security.implementation.context.ContextAuthorization.verify(ContextAuthorization .java:448)         at org.mmbase.bridge.implementation.BasicCloud.verify(BasicCloud.java:608)
  • Environment:
    MMBase 1.9.1.20090205

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Michiel Meeuwissen added a comment - 2011-02-08 15:48
I suppose it is fixed. The basic editors do exactly this (they add the 'owner' field to the fields to be edited). Foo on default has change context rights on the context 'default'. I revoked this right and tried the change a now with the 'basic' editors. And I did not see an error, so I suppose it is fixed in the mean time.
Show
Michiel Meeuwissen added a comment - 2011-02-08 15:48 I suppose it is fixed. The basic editors do exactly this (they add the 'owner' field to the fields to be edited). Foo on default has change context rights on the context 'default'. I revoked this right and tried the change a now with the 'basic' editors. And I did not see an error, so I suppose it is fixed in the mean time.

People

Dates

  • Created:
    2009-02-05 21:06
    Updated:
    2011-02-08 15:48
    Resolved:
    2011-02-08 15:48
Atlassian JIRA (v4.1#519) | Report a problem | Request a feature | Contact administrators
Powered by a free Atlassian JIRA open source license for MMBase Foundation. Try JIRA - bug tracking software for your team.