[Dspace-devel] [DSJ] Reopened: (DS-242) Special groups shown for logged in user rather than for user being examined

Tue, 23 Mar 2010 17:21:35 -0700 

     [ 
http://jira.dspace.org/jira/browse/DS-242?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stuart Lewis reopened DS-242:
-----------------------------


This patch fixes the original problem, but breaks authZ where anonymous users 
are members of special groups, as Group.allMemberGroupIDs()  will not now 
return special groups when the Context has no logged in user. This means 
IPAuthentcation is broken.

This fix seems to work:

if ((c.getCurrentUser() == null) || (((c.getCurrentUser() != null) && 
(c.getCurrentUser().getID() == e.getID()))))

It adds an extra check to allow special groups to be included if the user is 
not logged in. 


> Special groups shown for logged in user rather than for user being examined
> ---------------------------------------------------------------------------
>
>                 Key: DS-242
>                 URL: http://jira.dspace.org/jira/browse/DS-242
>             Project: DSpace 1.x
>          Issue Type: Bug
>    Affects Versions: 1.5.2
>            Reporter: Stuart Lewis
>            Assignee: Stuart Lewis
>            Priority: Minor
>             Fix For: 1.6.0
>
>         Attachments: special-groups-display.patch
>
>
> When you examine a user, you can see which groups they are in. This list 
> includes special groups, however rather than showing the special groups of 
> that user, it shows the special groups of the current user. It would be 
> impossible to list the special groups of a user who is not logged in.
> The code has been changed to:
>         // Also need to get all "Special Groups" user is a member of!
>         // Otherwise, you're ignoring the user's membership to these groups!
>         // However, we only do this is we are looking up the special groups
>         // of the current user, as we cannot look up the special groups
>         // of a user who is not logged in.
>         if (c.getCurrentUser().getID() == e.getID())
>         {
>             Group[] specialGroups = c.getSpecialGroups();
>             for(Group special : specialGroups)
>             {
>                 groupIDs.add(new Integer(special.getID()));
>             }
>         }

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.dspace.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Dspace-devel mailing list
Dspace-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-devel

Reply via email to