[LPS-73348] Individual role permissions on resourceBlock-managed resources are lost when a resource permission is set at the company level - Liferay Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Resolution: Fixed
Affects Version/s: 6.2.X EE, 7.0.X EE, Master
Fix Version/s: 6.2.X EE, 7.0.0 DXP FP26, 7.0.X EE, 7.0.4 CE GA5, 7.1.X, Master
Component/s: Core Infrastructure > Permissions
Labels:

Branch Version/s:

7.0.x, 6.2.x
Backported to Branch:

Committed
Fix Priority:
2
Git Pull Request:
https://github.com/pei-jung/liferay-portal/pull/202

Description

Individually-set permissions against Roles on ResourceBlock-managed resources are lost when the when a resource permission is set at the company level.

Additionally, when a resource permission is removed from a ResourceBlock entity from a company level, all group level permissions are also lost. Similar steps below will not reproduce the issue if performed for a non-ResourceBlock-managed resource (like Web Content).

Because of the design of Resource Block permissions, we are unable to change ResourceBlock permissions to function the same as non-Resource Block permissions. This ticket will provide two parts of a solution.

Setting a permission for a ResourceBlock resource at the company level will no longer overwrite all permissions on that resource, instead it will only overwrite the permission changed.
When a permission is set, unset, or deleted, a warning will be displayed to the user stating:
Warning: Editing this permission will overwrite all Bookmark Entry permissions that have been configured on the Bookmark portlet.

Steps to reproduce

1. Go to Control Panel and create a new Regular role called "A Regular Role". Set no permissions in it.
2. In a new Tab, go to Site Administration for any site (the default is fine, and is already available).
3. Under Content, click "Bookmarks". Create a new Bookmark.
4. After creation, Click "Actions", then "Permissions".
5. In the matrix, find the "A Regular Role", and click the checkboxes for "Subscribe" and "View". Click Save and close the modal dialog.
6. Switch back to the edit screen for "A Regular Role", and click "Define Permissions".
7. Go to "Site Administration > Content > Bookmarks".
8. Under Bookmarks Entry, put a check next to "Subscribe", and click Save.
9. Switch back to Bookmarks tab. For the bookmark, click "Actions", then "Permissions".
10. Notice that the "Subscribe" permission for "A Regular Role" is checked, but greyed out, unable to be cleared. Also, the permission for View has be unset. Close the modal dialog.
11. Switch back to the edit screen for "A Regular Role".
12. Find the entry for "Bookmarks > Bookmarks Entry: Subscribe" and click "Remove".
13. Switch back to Bookmarks tab. For the bookmark, click "Actions", then "Permissions".

Results of Testing

Expected Result: The View permission should never be unset because it was not edited. The portal should also warn the User that setting a permission from the Roles Admin portlet will overwrite individual entities permissions.
Actual Results: The "Subscribe" and "View" permissions for the custom role are now cleared out.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

fixed.png
15 kB
07/Aug/17 10:09 PM

Issue Links

relates

LPE-16250 Updating Resource Block permissions in Roles Admin overwrote group level permissions

Closed

LPS-75419 Removing a Resource Block Permission clears all permissions on a Bookmark

Closed

Activity

People

Assignee:: Hong Zhao (Inactive)

Reporter:: Joshua Cords

Participants of an Issue:: Hong Zhao, Joshua Cords, Pei-Jung Lan

Recent user:: Kiyoshi Lee

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 28/Jun/17 10:35 AM

Updated:: 09/May/19 7:31 AM

Resolved:: 26/Jul/17 1:42 PM

Days since last comment:: 5 years, 43 weeks, 2 days ago

Packages

Version	Package
6.2.X EE
7.0.0 DXP FP26
7.0.X EE
7.0.4 CE GA5
7.1.X
Master