[
https://issues.apache.org/jira/browse/ROL-1594?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Glen Mazza closed ROL-1594.
---------------------------
Resolution: Incomplete
I'm not sure why that authenticated user is necessary when making a blog entry
search request, and the author isn't giving any reason for it.
> SearchServlet initialize pageRequest without authenticatedUser info, cause
> $url.isAuthenticatedAsAdmin function
> ----------------------------------------------------------------------------------------------------------------
>
> Key: ROL-1594
> URL: https://issues.apache.org/jira/browse/ROL-1594
> Project: Apache Roller
> Issue Type: Bug
> Components: Authentication, Roles and Access Controls
> Affects Versions: 4.0
> Reporter: Miles Huang
> Assignee: Roller Unassigned
> Attachments: ASF.LICENSE.NOT.GRANTED--SearchServlet.patch
>
>
> SearchServlet initialize a mock pageRequest based on parsed searchRequest,
> but without authenticUser info. Some model methods rely on it, such as
> $url.isUserAuthorizedToAuthor().
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
