Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-4269

Company wide searches (via search portlet) do not include all roles (community roles & regular roles applied via user groups)

    Details

    • Type: Bug
    • Status: Closed
    • Resolution: Fixed
    • Affects Version/s: 5.2.3
    • Fix Version/s: --Sprint 12/11, 6.1.0 CE RC1
    • Component/s: None
    • Labels:
      None
    • Environment:
      all
    • Branch Version/s:
      5.2.x
    • Liferay Contributor's Agreement:
      Accept

      Description

      when we do searches, we currently send the query over to SearchPermissionCheckerImpl.java and it will modify the query to include the roleIds that the user has.

      see code here:

      protected void doAddPermissionFields_5(
      long companyId, long groupId, String className, String classPK,
      Document doc)
      throws Exception {

      Resource resource = ResourceLocalServiceUtil.getResource(
      companyId, className, ResourceConstants.SCOPE_INDIVIDUAL,
      classPK);

      Group group = GroupLocalServiceUtil.getGroup(groupId);

      List<Role> roles = ResourceActionsUtil.getRoles(group, className);

      List<Long> roleIds = new ArrayList<Long>();

      for (Role role : roles) {
      long roleId = role.getRoleId();

      if (hasPermission(roleId, resource.getResourceId()))

      { roleIds.add(roleId); }

      }

      doc.addKeyword(
      Field.ROLE_ID, roleIds.toArray(new Long[roleIds.size()]));
      }

      This works well when we are searching in a particular group (community / org) because the code will check to find out which roles you have for that particular groupId and add it to the query.

      However, if you are searching across all communities / orgs (as is done when using the search portlet), the groupId is "0" and so no community roles are added to the query. This means that even if you have permission to view some content in a community.. it will not appear in the search results because you dont have those permissions.

      What we should do is to add logic so that..

      if (groupId == 0) {
      // get a list of all groups that the user is associated with

      // for each of those groups, get all roles that correspond to the user and the group..
      }
      else {
      // get the roles associated with the selected groupId (the current behavior)
      }

      this way, the search will respect the permissions for each community.

      Scott

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              support-lep@liferay.com SE Support
              Reporter:
              scott.lee Scott Lee
              Participants of an Issue:
              Recent user:
              Esther Sanz
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                9 years, 12 weeks, 5 days ago

                  Packages

                  Version Package
                  --Sprint 12/11
                  6.1.0 CE RC1