Uploaded image for project: '[Read Only] - Hippo Repository'
  1. [Read Only] - Hippo Repository
  2. REPO-1081

Make user's own groups readable in the defaultread domain (with patch)

    XMLWordPrintable

Details

    • Improvement
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • 2.26.05
    • 2.28.00, CMS-10.0-FCS
    • None

    Description

      A CMS user cannot access /hippo:configuration/hippo:groups nor the groups to which he belongs below that.

      This is easily visible in the repository servlet when logged in as the default user "author"

      It results in the method org.onehippo.repository.security.User#getMemberships() returning no groups at all.

      It can be fixed easily by adding two domain rules to the domain "defaultread": one for hipposys:groupfolder and one for hipposys:group with members=current user (expander _user_ ).

      NB using a rule for hipposys:group with name = current-user-group (expander _group_ ) doesn't seem to work to fill User#getMemberships() using query //element(*, hipposys:group)[(@hipposys:members = '*' or @hipposys:members = 'CURRENT_USER')].

      See attached files

      Attachments

        Activity

          People

            Unassigned Unassigned
            jhoffman Jeroen Hoffman
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: