7.2.X, 7.3.X, Master
When using the JSON WS to query for a user's own teams, if the groupId is specified, then the user will not be able to view their teams due to a PrincipalException like:
User XXXXX must have MANAGE_TEAMS permission for com.liferay.portal.kernel.model.Group YYYYY
This shouldn't occur, since the same API without the groupId works fine
It's been determined in PTR-3460, the solution will we to allow the user to view the teams for the specified user assuming they have UPDATE permission for them as well.
Steps to reproduce
- Create a user and assign it to some groups
- Go to http://localhost:8080/api/jsonws and select get-user-teams method
- Place the userId and groupId and see if the same occurs
teams are returned
No teams are shown and a principal exception is thrown.
Reproduced in master c1e7129f0993aa30e3f345ebd66fd58bc005e8e5