Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-65396

Undeployed portlet referenced from page (after upgrade) throws exception in permission checker

    Details

      Description

      Steps to reproduce:

      1. Sign in
      2. Get guest groupId (e.g. 20233)
      3. Get current p_auth token (e.g. 0fMsIhMD from page HTML source)
      4. Exchange groupId and p_auth token and hit: http://localhost:8080/api/jsonws/layout/update-layout/group-id/20233/private-layout/false/layout-id/1/type-settings/column-1=181%0alayout-template-id=2_columns_ii?p_auth=0fMsIhMD
      5. Display main page for guest group

      Expected result: No exception in logs
      Actual result: Exception stating that: Someone may be trying to circumvent the permission checker: {companyId=10155, name=118, primKey=118, scope=4}

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  3 years, 21 weeks, 2 days ago

                  Packages

                  Version Package
                  6.2.X EE
                  7.0.1 CE GA2