Item10906: Adding incorrect user to a group kills WikiGroups

Priority:	CurrentState:	AppliesTo:	Component:	WaitingFor:
Normal	Closed	Engine	FoswikiMeta, TopicUserMappingContrib

Sorry, title isn't very clear. Here are the reproduction steps:

1. Create a new group with the following users (or similar): Main.AndrewJones, Main.Others...
2. View WikiGroups as a non-admin user

You will then get an error in your browser, and the following in your FW error log:

Can't call method "get" on an undefined value at /work/local/foswiki/Release01x01/core/lib/Foswiki/Meta.pm line 583

Its the Main.Others... that causes the problem.

Tested with the latest code in Release01x01 branch, and with released 1.1.3. Not tested with trunk.

-- AndrewJones - 21 Jun 2011

It fails on trunk as well. The issue appears to be caused by the 2nd dot (Others..) causes Others to be treated as a parent web, and it attempts to check DENYWEB for Others/ and fails to load preferences because the web doesn't exist. Not sure yet where the fix is needed.

-- GeorgeClark - 21 Jun 2011

Committed a fix. I believe it's safe to assume that TopicUserMapping - when checking Group and User authorization - only needs to check topics in the UsersWeb. TopicUserMapper uses sandbox function to validate the user or group name. Since we accept anything in the groups - to support other mappers, and/or pre-adding users to groups before they exist, we can't really enforce this on entry.

-- GeorgeClark - 21 Jun 2011