SAK-24209 - Private collections (melete docs) not supported by iSyllabus)

Activity

SAKTRUNK-18 4

Keyboard shortcuts  
Summarize the review outcomes (optional)
 
#permalink

Details

Warning: no files are visible, they have all been filtered.
Participant Role Time Spent Comments Latest Comment
Author 5m 2 No I'm not even sure how I'd test .anon or .auth? This or...
Reviewer - 100% reviewed 20m 2 Whats the point of clearing all advisors? You have a push...
Reviewer - 0% reviewed      
Total   25m 4  
#permalink

Objectives

130194: SAK-24209 - Private collections (melete docs) not supported by iSyllabus)

I'd like any quick feedback to this. It went about a half hour over what I estimated as I realized the original patch didn't allow browsing outside of the melete upload area either. With iSyllabus this seemed like a much more useful feature, but the problem is that it uses security advisors to override access to this special private collection. If you have this advisor pushed, then you can't get access to your regular stuff. So it seemed like I had to see if I needed the advisor (by seeing if the folder stated with /private) and then push it, afterward popping it. I tested this with melete and worked pretty good. I also added a i18n properties file so it showed something nicer than "upload" for the Melete upload folder without changing melete.

Anyway, I just wanted to make sure I didn't mess up anything with the security advisors mostly. Thanks!

Branches in review

#permalink

Issues Raised From Comments

Key Summary State Assignee
#permalink

General Comments

Bryan Holladay

Have you tested this with .anon or .auth users?

Have you tested this with .anon or .auth users?

Matthew Jones

Yea that's a good comment, I can try to pop that specific one, though it shou...

Yea that's a good comment, I can try to pop that specific one, though it shouldn't be an issue

Matthew Jones

No I'm not even sure how I'd test .anon or .auth? This original patch (long a...

No I'm not even sure how I'd test .anon or .auth? This original patch (long ago) set up a security advisor in the session that gives access to the special private melete docs folder. The bug here was that because the advisor was pushed at the beginning of the method (if it existed) that the user didn't have access to any other content. So it has to only push it when trying ot get to the special private content.

If you have a test case let me know.

/textarea/trunk/.../connector/src/bundle/ Added
Open in IDE #permalink
Repository SakaiTrunk does not exist
/textarea/trunk/FCKeditor/.../src/bundle/org/ Added
Open in IDE #permalink
Repository SakaiTrunk does not exist
/textarea/trunk/.../bundle/org/sakaiproject/ Added
Open in IDE #permalink
Repository SakaiTrunk does not exist
/textarea/trunk/.../org/sakaiproject/connector/ Added
Open in IDE #permalink
Repository SakaiTrunk does not exist
/textarea/trunk/.../sakaiproject/connector/fck/ Added
Open in IDE #permalink
Repository SakaiTrunk does not exist
/textarea/trunk/.../fck/Messages.properties Added
Open in IDE #permalink
/textarea/.../fck/FCKConnectorServlet.java Changed 1
Open in IDE #permalink

Review updated: Reload | Ignore | Collapse

You cannot reload the review while writing a comment.

Create issue

X
Assign To Me

Log time against