[LPS-71877] Unable to clear defaults and unsupported permissions with OSGi - Liferay Issues

XML

Word

Printable

Details

Type: Regression Bug
Status: Closed
Resolution: Fixed
Affects Version/s: 7.0.X EE, Master
Fix Version/s: 7.0.0 DXP FP14, 7.0.0 DXP SP3, 7.0.3 CE GA4, 7.0.X EE, 7.1.X, Master
Component/s: Application Security > Permissions
Labels:
- liferay-digital-enterprise-70-sp3
- liferay-fixpack-de-14-7010

Branch Version/s:

7.0.x
Backported to Branch:

Committed
Story Points:
1.75
Fix Priority:
4
Last Working Version:

6.2.10 EE GA1
Git Pull Request:
https://github.com/brianchandotcom/liferay-portal/pull/48290

Description

In past releases of Liferay (such as 6.2.x and before), users were able to modify the default and unsupported permissions for site members and guests by creating an EXT plugin and overriding the specific XML file that provided the initial permissions.

This meant that even though the files were usually additive, by overriding the file that's checked in the classpath, you could effectively remove supported or default permissions.

With OSGi, the way the classpath works is that the bundle itself is always preferred over fragment bundles. This means that the additive nature of defining permissions via a resource actions XML makes it so that it is now impossible to remove default permissions programmatically without deploying a completely different bundle (which is not a maintainable solution).

To allow for the original use of custom resource action XML files within EXT plugins, we could allow for the second file to take precedence when defining the "*-defaults" and "guest-unsupported", but retain the additive behavior for other elements within the XML file. This would allow us to remove defaults or unsupported permissions with the following steps.

Create a new blade module.
Specify "Fragment-Host: com.liferay.document.library.web" in the bnd.bnd for the new module

Add a file src/main/resources/portlet-ext.properties with the following content

resource.actions.configs=resource-actions/default.xml,resource-actions/default-ext.xml

Create a new file src/main/resources/resource-actions/default-ext.xml with the following content

<?xml version="1.0"?>
<!DOCTYPE resource-action-mapping PUBLIC "-//Liferay//DTD Resource Action Mapping 7.0.0//EN" "http://www.liferay.com/dtd/liferay-resource-action-mapping_7_0_0.dtd">

<resource-action-mapping>
	<model-resource>
		<model-name>com.liferay.document.library.kernel.model.DLFileEntry</model-name>
		<portlet-ref>
		</portlet-ref>
		<permissions>
			<supports>
			</supports>
			<guest-defaults>
			</guest-defaults>
		</permissions>
	</model-resource>
</resource-action-mapping>

Deploy the module

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

testdl-1.0.0.jar
1 kB
28/Apr/17 1:46 AM

Activity

People

Assignee:: Joyce Wang

Reporter:: Minhchau Dang

Participants of an Issue:: Joyce Wang, Minhchau Dang, Raymond Auge

Recent user:: Csaba Turcsan

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 11/Apr/17 9:17 PM

Updated:: 10/May/19 12:58 AM

Resolved:: 12/Apr/17 9:36 AM

Days since last comment:: 3 years, 50 weeks, 5 days ago

Packages

Version	Package
7.0.0 DXP FP14
7.0.0 DXP SP3
7.0.3 CE GA4
7.0.X EE
7.1.X
Master