Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-15015

Translation listener should refuse to save a scope not compatible with the current user's permissions

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Unresolved
    • Major
    • None
    • 9.11.2
    • Localization
    • None
    • Unknown

    Description

      Otherwise the user doesn't know that he doesn't have the permission and it leads to finding the following type of errors in the logs of myxwiki.org:

      2018-02-09 14:58:55,868 [pool-2-thread-5] ERROR cumentTranslationBundleFactory - Failed to register translation bundle from document [scservicesub:Stats.Translations]
org.xwiki.security.authorization.AccessDeniedException: Access denied when checking [admin] access to [Wiki scservicesub] for user [scservicesub:XWiki.Admin]
        at org.xwiki.security.authorization.DefaultAuthorizationManager.checkAccess(DefaultAuthorizationManager.java:94)
        at org.xwiki.localization.wiki.internal.DocumentTranslationBundleFactory.checkRegistrationAuthorization(DocumentTranslationBundleFactory.java:442)
        at org.xwiki.localization.wiki.internal.DocumentTranslationBundleFactory.registerTranslationBundle(DocumentTranslationBundleFactory.java:418)
        at org.xwiki.localization.wiki.internal.DocumentTranslationBundleFactory.loadTranslations(DocumentTranslationBundleFactory.java:233)
        at org.xwiki.localization.wiki.internal.DocumentTranslationBundleFactory.access$200(DocumentTranslationBundleFactory.java:86)
        at org.xwiki.localization.wiki.internal.DocumentTranslationBundleFactory$2.onEvent(DocumentTranslationBundleFactory.java:177)
        at org.xwiki.observation.internal.DefaultObservationManager.notify(DefaultObservationManager.java:304)
        at org.xwiki.observation.internal.DefaultObservationManager.notify(DefaultObservationManager.java:269)
        at com.xpn.xwiki.internal.WikiInitializerJob.runInternal(WikiInitializerJob.java:120)
        at org.xwiki.job.AbstractJob.runInContext(AbstractJob.java:206)
        at org.xwiki.job.AbstractJob.run(AbstractJob.java:189)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        at java.lang.Thread.run(Thread.java:745)

      In addition, we should also validate in the UI itself even before the save.

      At least the listener should cancel the save.

      Attachments

        Activity

          People

            Unassigned Unassigned
            vmassol Vincent Massol
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: