Details

    • Branch Version/s:
      6.0.x, 5.2.x, 5.1.x
    • Backported to Branch:
      Committed
    • Similar Issues:
      Show 4 results 

      Description

      In short - Individual ResourcePermission records are never removed.

      Algorithm 6 introduced ResourcePermissions and deprecated Resource, ResourceCode and Permission.

      Whole portal use ResourceLocalService* for adding and removing resources when creating/removing model and portlet resources.

      Adding seems OK, but removing is not working - ResourceLocalServiceImpl doesn't call ResourcePermissionsLocalService for removing database record for individual scope when deleting entity from database (for example removing layout, blog entry, portlet on a page, etc.).

      ResourceLocalServiceImpl:
      ======================
      public void deleteResource(
      long companyId, String name, int scope, String primKey)
      throws PortalException, SystemException {

      if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6)

      { return; }

      This can lead to database space leak.
      --------------------
      Possible solution is to
      1, use ResourcePermissionLocalServiceUtil.removeResourcePermission - but for all actions defined on the resource
      2, or add new method for removing the record in ResourcePermissionLocalService

        Activity

        Hide
        James Falkner added a comment -

        add to 6.0.6 queue

        Show
        James Falkner added a comment - add to 6.0.6 queue

          People

          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:
              Days since last comment:
              4 years, 35 weeks, 5 days ago

              Development

                Structure Helper Panel