Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-15979

Global Menu is displayed (with error) in subwiki for a local user

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Critical
    • 10.11-rc-1, 10.8.3
    • 10.10, 10.8.2
    • Web - Templates & Resources
    • None
    • Windows 10 Pro 64 bit, Edge 17, using a local instance XWiki 10.10 on PostgreSQL 10
    • Unknown
    • N/A
    • N/A
    • Pull Request accepted

    Description

      STEPS TO REPRODUCE:

      1. Log in as Admin
      2. Go to Administer Wiki > Look & Feel > Menu
      3. Click 'Add a new Entry'
      4. Add an entry name (e.g. Menu1)
      5. Select Menu Display Location - "Inside a Right Panel"
      6. Select Menu Visibility Scope - Global
      7. Click 'Save & View'
      8. Create a new subwiki on which both global and local users are available
      9. On subwiki, go to Administer Wiki > Look & Feel > Panels
      10. Add the name of the previously created menu in the right Panel (eg. xwiki:Menu.Menu1.WebHome)
      11. Click 'Save'
      12. Refresh the page
      13. Create a local user on the subwiki (e.g. U1)
      14. Login with the respective user

      EXPECTED RESULTS

      'Menu1' should not be displayed on the subwiki for the local user (U1).

      ACTUAL RESULTS:

      The menu panel is displayed with an 'include macro' error as content:

      Failed to execute the [include] macro. Cause: [Current user [subwikiglobal:XWiki.U1] doesn't have view rights on document [Document xwiki:Menu.Menu1.WebHome]]. Click on this message for details.

      Here is the stacktrace for the error:

      org.xwiki.rendering.macro.MacroExecutionException: Current user [subwikiadmin:XWiki.UL1] doesn't have view rights on document [Document xwiki:Menu.MenuA.WebHome]
	at org.xwiki.rendering.internal.macro.include.IncludeMacro.execute(IncludeMacro.java:175)
	at org.xwiki.rendering.internal.macro.include.IncludeMacro.execute(IncludeMacro.java:61)
	at org.xwiki.rendering.internal.transformation.macro.MacroTransformation.transform(MacroTransformation.java:297)
	at org.xwiki.rendering.internal.transformation.DefaultRenderingContext.transformInContext(DefaultRenderingContext.java:183)
	at org.xwiki.rendering.async.internal.block.AbstractBlockAsyncRenderer.transform(AbstractBlockAsyncRenderer.java:78)
	at org.xwiki.rendering.async.internal.block.AbstractBlockAsyncRenderer.lambda$transform$0(AbstractBlockAsyncRenderer.java:64)
	at com.xpn.xwiki.internal.security.authorization.DefaultAuthorExecutor.call(DefaultAuthorExecutor.java:85)
	at org.xwiki.rendering.async.internal.block.AbstractBlockAsyncRenderer.transform(AbstractBlockAsyncRenderer.java:63)
	at org.xwiki.rendering.wikimacro.internal.DefaultWikiMacroRenderer.transform(DefaultWikiMacroRenderer.java:404)
	at org.xwiki.rendering.wikimacro.internal.DefaultWikiMacroRenderer.transform(DefaultWikiMacroRenderer.java:372)
	at org.xwiki.rendering.wikimacro.internal.DefaultWikiMacroRenderer.render(DefaultWikiMacroRenderer.java:266)
	at org.xwiki.rendering.wikimacro.internal.DefaultWikiMacroRenderer.render(DefaultWikiMacroRenderer.java:67)
	at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.render(DefaultAsyncRendererExecutor.java:203)
	at org.xwiki.rendering.async.internal.block.DefaultBlockAsyncRendererExecutor.execute(DefaultBlockAsyncRendererExecutor.java:134)
	at org.xwiki.rendering.wikimacro.internal.DefaultWikiMacro.execute(DefaultWikiMacro.java:105)
	at org.xwiki.rendering.wikimacro.internal.DefaultWikiMacro.execute(DefaultWikiMacro.java:52)
	at org.xwiki.rendering.internal.transformation.macro.MacroTransformation.transform(MacroTransformation.java:297)
	at org.xwiki.rendering.internal.transformation.DefaultRenderingContext.transformInContext(DefaultRenderingContext.java:183)
	at org.xwiki.rendering.async.internal.block.AbstractBlockAsyncRenderer.transform(AbstractBlockAsyncRenderer.java:78)
	at org.xwiki.rendering.async.internal.block.AbstractBlockAsyncRenderer.lambda$transform$0(AbstractBlockAsyncRenderer.java:64)
	at com.xpn.xwiki.internal.security.authorization.DefaultAuthorExecutor.call(DefaultAuthorExecutor.java:85)
	at org.xwiki.rendering.async.internal.block.AbstractBlockAsyncRenderer.transform(AbstractBlockAsyncRenderer.java:63)
	at org.xwiki.rendering.async.internal.block.DefaultBlockAsyncRenderer.tranform(DefaultBlockAsyncRenderer.java:156)
	at org.xwiki.rendering.async.internal.block.DefaultBlockAsyncRenderer.render(DefaultBlockAsyncRenderer.java:123)
	at org.xwiki.rendering.async.internal.block.DefaultBlockAsyncRenderer.render(DefaultBlockAsyncRenderer.java:51)
	at org.xwiki.uiextension.internal.WikiUIExtension.render(WikiUIExtension.java:179)
	at org.xwiki.rendering.async.internal.block.DefaultBlockAsyncRendererExecutor$DecoratorWrapper.render(DefaultBlockAsyncRendererExecutor.java:72)
	at org.xwiki.rendering.async.internal.block.DefaultBlockAsyncRendererExecutor$DecoratorWrapper.render(DefaultBlockAsyncRendererExecutor.java:54)
	at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.render(DefaultAsyncRendererExecutor.java:203)
	at org.xwiki.rendering.async.internal.block.DefaultBlockAsyncRendererExecutor.execute(DefaultBlockAsyncRendererExecutor.java:134)
	at org.xwiki.rendering.async.internal.block.DefaultBlockAsyncRendererExecutor.execute(DefaultBlockAsyncRendererExecutor.java:121)
	at org.xwiki.uiextension.internal.AbstractWikiUIExtension.execute(AbstractWikiUIExtension.java:113)
	at sun.reflect.GeneratedMethodAccessor271.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:395)
	at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:384)
	at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:173)
	at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:280)
	at org.apache.velocity.runtime.parser.node.ASTReference.value(ASTReference.java:567)
	at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:151)
	at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:280)
	at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:369)
	at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72)
	at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:87)
	at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72)
	at org.apache.velocity.runtime.directive.Foreach.render(Foreach.java:420)
	at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:207)
	at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72)
	at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:87)
	at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:342)
	at org.xwiki.velocity.internal.DefaultVelocityEngine.evaluateInternal(DefaultVelocityEngine.java:259)
	at org.xwiki.velocity.internal.DefaultVelocityEngine.evaluate(DefaultVelocityEngine.java:222)
	at com.xpn.xwiki.render.DefaultVelocityManager.evaluate(DefaultVelocityManager.java:357)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.evaluateContent(InternalTemplateManager.java:825)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:701)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.lambda$renderFromSkin$0(InternalTemplateManager.java:676)
	at com.xpn.xwiki.internal.security.authorization.DefaultAuthorExecutor.call(DefaultAuthorExecutor.java:85)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:675)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:654)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:640)
	at com.xpn.xwiki.internal.template.DefaultTemplateManager.render(DefaultTemplateManager.java:78)
	at com.xpn.xwiki.XWiki.evaluateTemplate(XWiki.java:2290)
	at com.xpn.xwiki.XWiki.parseTemplate(XWiki.java:2268)
	at com.xpn.xwiki.api.XWiki.parseTemplate(XWiki.java:992)
	at sun.reflect.GeneratedMethodAccessor255.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:395)
	at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:384)
	at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:173)
	at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:280)
	at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:369)
	at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72)
	at org.apache.velocity.runtime.directive.VelocimacroProxy.render(VelocimacroProxy.java:216)
	at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:311)
	at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:230)
	at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:207)
	at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:342)
	at org.xwiki.velocity.internal.DefaultVelocityEngine.evaluateInternal(DefaultVelocityEngine.java:259)
	at org.xwiki.velocity.internal.DefaultVelocityEngine.evaluate(DefaultVelocityEngine.java:222)
	at com.xpn.xwiki.render.DefaultVelocityManager.evaluate(DefaultVelocityManager.java:357)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.evaluateContent(InternalTemplateManager.java:825)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:701)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.lambda$renderFromSkin$0(InternalTemplateManager.java:676)
	at com.xpn.xwiki.internal.security.authorization.DefaultAuthorExecutor.call(DefaultAuthorExecutor.java:85)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:675)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:654)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:640)
	at com.xpn.xwiki.internal.template.DefaultTemplateManager.render(DefaultTemplateManager.java:78)
	at com.xpn.xwiki.XWiki.evaluateTemplate(XWiki.java:2290)
	at com.xpn.xwiki.XWiki.parseTemplate(XWiki.java:2268)
	at com.xpn.xwiki.api.XWiki.parseTemplate(XWiki.java:992)
	at sun.reflect.GeneratedMethodAccessor255.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:395)
	at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:384)
	at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:173)
	at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:280)
	at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:369)
	at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72)
	at org.apache.velocity.runtime.directive.VelocimacroProxy.render(VelocimacroProxy.java:216)
	at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:311)
	at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:230)
	at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:207)
	at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72)
	at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:342)
	at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:106)
	at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:342)
	at org.xwiki.velocity.internal.DefaultVelocityEngine.evaluateInternal(DefaultVelocityEngine.java:259)
	at org.xwiki.velocity.internal.DefaultVelocityEngine.evaluate(DefaultVelocityEngine.java:222)
	at com.xpn.xwiki.render.DefaultVelocityManager.evaluate(DefaultVelocityManager.java:357)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.evaluateContent(InternalTemplateManager.java:825)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:701)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.lambda$renderFromSkin$0(InternalTemplateManager.java:676)
	at com.xpn.xwiki.internal.security.authorization.DefaultAuthorExecutor.call(DefaultAuthorExecutor.java:85)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:675)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:654)
	at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:640)
	at com.xpn.xwiki.internal.template.DefaultTemplateManager.render(DefaultTemplateManager.java:78)
	at com.xpn.xwiki.XWiki.evaluateTemplate(XWiki.java:2290)
	at com.xpn.xwiki.web.Utils.parseTemplate(Utils.java:179)
	at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:489)
	at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:210)
	at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
	at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
	at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
	at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:449)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:860)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1650)
	at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:112)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
	at org.xwiki.wysiwyg.filter.ConversionFilter.doFilter(ConversionFilter.java:109)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
	at org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
	at org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:208)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
	at org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:111)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
	at org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:134)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1629)
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:190)
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:188)
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1253)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:168)
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:166)
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1155)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:219)
	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:126)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
	at org.eclipse.jetty.server.Server.handle(Server.java:530)
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:347)
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:256)
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279)
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
	at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:247)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.produce(EatWhatYouKill.java:140)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:382)
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:708)
	at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:626)
	at java.lang.Thread.run(Unknown Source)

      The issue was reproduced also on XWiki 10.8.2. The last version on which it was not being displayed for local users was 10.4.

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. XWIKI-7434 A user can have less rights than guest

          • Major - Major loss of function.
          • Open

          Activity

            People

              surli Simon Urli
              iandriuta Ilie Andriuta
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: