Resolution: Won't Fix
Affects Version/s: 6.1.20 EE GA2
Fix Version/s: 6.1.20 EE GA2
Environment:LIFERAY VERSION: 6.1 GA2
OPERATING SYSTEM: Windows XP
APPLICATION SERVER: Weblogic 10.3
JAVA VIRTUAL MACHINE: Java 6
DATABASE: Oracle 11.1
Steps to Reproduce
1) Install liferay 6.0 SP2
2) Create two new users, "Customer" and "Employee"
3) Assign users "Customer" and "Employee" as members to the default Liferay community pages
Create two custom roles ex: customer and employee.
4)Assign user "Customer" to the "Customer" role
5)Assign user "Employee" to the "Employee" role
6) For the default Liferay Community page, add a private page.
7) Add two web content display portlets, add one that reads "Visible to Employees Only" and the other should read "Visible to Customers Only".
8)Establish permissions for "Visible to Employees Only" - make it so that Community Members cannot view this portlet, only the "Employee" group should have view permissions.
9) Establish permissions for "Visible to Customers Only" - make it so that Community Members cannot view this portlet, only the "Customer" group should have view permissions.
10)Access the private Liferay page with Employee, and ensure that only the web content portlet displaying "Visible to Employees Only" is displaying.
11) Check to see that when you log in with Customer, that only the web content portlet displaying "Visible to Customers Only" is displaying.
12) Shut down 6.0.12 instance
Prepare reinstall of Liferay 6.1.20
Apply the following fixpacks to the 6.1.20 environment: announcements-1-6120, documents-and-media-2-6120, dynamic-data-lists-1-6120, message-boards-1-6120, plugin-deployment-1-6120, security-hotfix-3-6120, service-builder-1-6120, tags-and-categories-1-6120, upgrade-2-6120, core-5-6120
Establish 6.1.20's portal-ext.properties to access the same database (i.e. "SITA")
Run Liferay 6.1.20
Login to the portal as the Customer, and you will see both web content is visible
Try the same with Employee, and the same behavior will come up
Results of steps / testing:
The custom role permissions have not properly carried over following the upgrade, as both portlets, despite their permissions, are appearing to both users.