Uploaded image for project: 'Hippo CMS'
  1. Hippo CMS
  2. CMS-6951

Backport CMS7 6744 to 7.7 - channel unlock is only available if user is in group with _name_ "admin"

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • High
    • Resolution: Fixed
    • 2.22.13
    • 2.22.15
    • None

    Description

      The current implementation only shows the channel unlock button if the user is in the group with the exact name "admin". Expected behavior is that the check should be whether the user has the "hippo:admin" privilege

      Observation by Nour:
      In line 473 (https://source.onehippo.com/browse/public/hippo-cms7/addons/addon-channel-manager/trunk/frontend/src/main/java/org/onehippo/cms7/channelmanager/templatecomposer/PageEditor.java?r=37177&r=37177#to473)
      A query is made [1] to check hard coded if the user is in namely in the admin group or not

      [1] SELECT * FROM hipposys:group WHERE jcr:primaryType='hipposys:group' AND fn:name() = 'admin' AND hipposys:members='{}'
      the '{}' is replaced by the logged in username

      NOTE: Look at unlocking documents as a reference/example

      Attachments

        Activity

          People

            jsheriff Junaidh Kadhar Sheriff
            jsheriff Junaidh Kadhar Sheriff
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: