incubator-jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steve Potter <jspwiki-u...@riverbed.demon.co.uk>
Subject Strange permission behaviour
Date Wed, 21 May 2008 16:48:37 GMT
I recently upgraded to 2.6.2 and had a play with the ACL feature.  After 
adding restrictions to the page TitleBox (like jspwiki.org) pages in the wiki 
(e.g. Main) were no longer editable by users that did not have permission to 
edit TitleBox.  The debug log seems to suggest that the restrictions parsed 
from the TitleBox page are being applied to the Main page (Main has no 
restrictions specified):

2008-05-21 16:20:24,273 [http-8443-1] DEBUG 
com.ecyrd.jspwiki.tags.WikiTagBase.doWikiStartTag  - Inserting page WikiPage 
[JSPWiki:TitleBox,ver=8,mod=Wed May 21 16:18:54 BST 2008]
2008-05-21 16:20:24,273 [http-8443-1] DEBUG 
com.ecyrd.jspwiki.render.RenderingManager.getRenderedDocument  - Re-rendering 
and storing TitleBox::8
2008-05-21 16:20:24,273 [http-8443-1] DEBUG 
com.ecyrd.jspwiki.parser.JSPWikiMarkupParser.handleAccessRule  - page=Main, 
ACL = ALLOW view Authenticated
2008-05-21 16:20:24,273 [http-8443-1] DEBUG 
com.ecyrd.jspwiki.auth.acl.DefaultAclManager.parseAcl  - Adding new acl entry 
for view
2008-05-21 16:20:24,273 [http-8443-1] DEBUG 
com.ecyrd.jspwiki.auth.acl.DefaultAclManager.parseAcl  -   user = 
Authenticated: 
(("com.ecyrd.jspwiki.auth.permissions.PagePermission","JSPWiki:Main","view"))

2008-05-21 16:20:24,273 [http-8443-1] DEBUG 
com.ecyrd.jspwiki.parser.JSPWikiMarkupParser.handleAccessRule  -   user = 
Authenticated: 
(("com.ecyrd.jspwiki.auth.permissions.PagePermission","JSPWiki:Main","view"))

2008-05-21 16:20:24,273 [http-8443-1] DEBUG 
com.ecyrd.jspwiki.parser.JSPWikiMarkupParser.handleAccessRule  - page=Main, 
ACL = ALLOW edit Admin
2008-05-21 16:20:24,273 [http-8443-1] DEBUG 
com.ecyrd.jspwiki.auth.acl.DefaultAclManager.parseAcl  - Adding new acl entry 
for edit
2008-05-21 16:20:24,283 [http-8443-1] DEBUG 
com.ecyrd.jspwiki.auth.acl.DefaultAclManager.parseAcl  -   user = 
Authenticated: 
(("com.ecyrd.jspwiki.auth.permissions.PagePermission","JSPWiki:Main","view"))
  user = Admin: 
(("com.ecyrd.jspwiki.auth.permissions.PagePermission","JSPWiki:Main","edit"))


Am I misunderstanding something here? 
(note: The behaviour appears to be obfuscated by page caching).  

Thanks for any help,

Steve P.

Mime
View raw message