Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-99173

Recent Bloggers portlet shows link to inaccessible content

    Details

      Description

      Steps to reproduce:

      1. Create "SiteH" with private page
      2. Place a Recent Bloggers portlet on this page
      3. Place a Blogs portlet on this page
      4. Create a Site called "Breaker" with a private page
      5. Place a Blogs portlet on the page
      6. Create two users: userU and userB.
      7. Add userU and userB as members of "siteH"
      8. Add userB as a Site Owner for "SiteH"
      9. Add userB as member of "Breaker" (but don't add userU)
      10. Set userB as Site Owner for "Breaker"
      11. Log in with userB
      12. Go to site "Breaker" and add a Blog entry
      13. Go back to "siteH"

      CHECK POINT: Recent Bloggers shows userB in the list with a link to the blog entry created. UserB can click on the link and see the content.

      14. Log in with userU

      Expected behavior: Recent Bloggers shouldn't show userB in the list with a link to the blog entry if UserU has no VIEW permission to that entry
      Actual behavior: Recent Bloggers shows userB in the list with a link to the blog entry created. UserU can click on the link, but cannot access the content.

        Attachments

          Activity

            People

            • Assignee:
              jeremy.chen Jeremy Chen
              Reporter:
              istvan.dezsi Istvan Dezsi
              Participants of an Issue:
              Recent user:
              Jason Pince
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                1 year, 4 weeks, 2 days ago

                Packages

                Version Package
                7.0.0 DXP FP86
                7.0.X
                7.1.10 DXP FP14
                7.1.X
                7.2.10 DXP FP2
                7.2.10.1 DXP SP1
                7.2.X
                7.2.1 CE GA2
                Master