Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-33236

Delete button on Asset Category Admin doesn't support partial removal of categories or vocabularies

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 6.1.1 CE GA2, 6.1.20 EE GA2
    • Fix Version/s: 6.1.30 EE GA3, 6.2.0 CE M5
    • Component/s: WCM, WCM > Categories
    • Labels:
    • Environment:
      Tomcat 7 + MySQL 5. Portal 6.1.x GIT ID: 395c2c8fbb81b8250e0aa8542a1778a017fbdd01.
      Tomcat 7 + MySQL 5. Portal 6.2.x GIT ID: 2c1941edd4748871102ef7bf5bc7d44d12283e4b.
    • Branch Version/s:
      6.1.x
    • Backported to Branch:
      Committed
    • Story Points:
      1
    • Fix Priority:
      5

      Description

      Experienced behaviour:

      • The delete button is shown on asset category administration even though the user might not have sufficient permissions to use it.
      • If some categories are selected in such a way that the user has permission to delete some of them and for removing the rest of them he doesn't have permission, the portal doesn't allow partial deletion in this scenario.

      Expected behaviour:

      1) Let the user check the boxes and click on the delete button.
      2) Portal tries to delete the checked items (which could be vocabulary and/or category).
      3) After the whole process has finish, portal sends a message, which categories/vocabularies could not be deleted because of lock of permissions.

      You can find more info about the expected behaviour here: http://in.liferay.com/web/global.engineering/forums/-/message_boards/message/1245865?p_p_auth=OJruDI4Q#_19_message_1245916

      Steps to reproduce:

      1) Create a role R1 and define permissions according to the attached screenshot.
      2) Create a user U1 with this role and add Liferay to his sites.
      3) Create a vocabulary V1 and category C1 with the admin user.
      4) Grant View permission to R1 on category C1.
      5) Log in as U1, go to Categories.
      6) Create your own category C2.
      7) Select both C1 and C2 and try to delete both of them.

      6.1.x: You do not have permission to the requested resource is reported.
      6.2.x: com.liferay.portal.security.auth.PrincipalException exception is reported on the console.

      Removal of C2 will happen neither in case of 6.1.x nor in case of 6.2.x. Of course you can always delete your own categories/vocabularies (C2 in this example).

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  3 years, 28 weeks, 6 days ago