Return-Path: 
 <commits-return-9207-apmail-roller-commits-archive=roller.apache.org@roller.apache.org>
X-Original-To: apmail-roller-commits-archive@www.apache.org
Delivered-To: apmail-roller-commits-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 1DF19116CC
	for <apmail-roller-commits-archive@www.apache.org>;
 Mon,  8 Sep 2014 19:48:30 +0000 (UTC)
Received: (qmail 24544 invoked by uid 500); 8 Sep 2014 19:48:30 -0000
Delivered-To: apmail-roller-commits-archive@roller.apache.org
Received: (qmail 24508 invoked by uid 500); 8 Sep 2014 19:48:30 -0000
Mailing-List: contact commits-help@roller.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@roller.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@roller.apache.org>
List-Post: <mailto:commits@roller.apache.org>
List-Id: <commits.roller.apache.org>
Reply-To: dev@roller.apache.org
Delivered-To: mailing list commits@roller.apache.org
Received: (qmail 24497 invoked by uid 99); 8 Sep 2014 19:48:29 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 08 Sep 2014 19:48:29 +0000
Date: Mon, 8 Sep 2014 19:48:29 +0000 (UTC)
From: "Glen Mazza (JIRA)" <jira@apache.org>
To: commits@roller.apache.org
Message-ID: <JIRA.12421126.1193802583000.19559.1410205709913@Atlassian.JIRA>
In-Reply-To: <JIRA.12421126.1193802583000@Atlassian.JIRA>
References: <JIRA.12421126.1193802583000@Atlassian.JIRA>
 <JIRA.12421126.1193802583677@arcas>
Subject: [jira] [Closed] (ROL-1594) SearchServlet initialize pageRequest
 without authenticatedUser info, cause $url.isAuthenticatedAsAdmin function
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


     [ https://issues.apache.org/jira/browse/ROL-1594?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Glen Mazza closed ROL-1594.
---------------------------
    Resolution: Incomplete

I'm not sure why that authenticated user is necessary when making a blog entry search request, and the author isn't giving any reason for it.

> SearchServlet initialize pageRequest without authenticatedUser info, cause $url.isAuthenticatedAsAdmin function 
> ----------------------------------------------------------------------------------------------------------------
>
>                 Key: ROL-1594
>                 URL: https://issues.apache.org/jira/browse/ROL-1594
>             Project: Apache Roller
>          Issue Type: Bug
>          Components: Authentication, Roles and Access Controls
>    Affects Versions: 4.0
>            Reporter: Miles Huang
>            Assignee: Roller Unassigned
>         Attachments: ASF.LICENSE.NOT.GRANTED--SearchServlet.patch
>
>
> SearchServlet initialize a mock pageRequest based on parsed searchRequest, but without authenticUser info. Some model methods rely on it, such as $url.isUserAuthorizedToAuthor().



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)