You are here: Foswiki>Tasks Web>Item10906 (17 Dec 2011, GeorgeClark)Edit Attach

Item10906: Adding incorrect user to a group kills WikiGroups

Priority: Normal
Current State: Closed
Released In: 1.1.4
Target Release: patch
Applies To: Engine
Component: FoswikiMeta, TopicUserMappingContrib
Reported By: AndrewJones
Waiting For:
Last Change By: GeorgeClark
Sorry, title isn't very clear. Here are the reproduction steps:

  1. Create a new group with the following users (or similar): Main.AndrewJones, Main.Others...
  2. View WikiGroups as a non-admin user

You will then get an error in your browser, and the following in your FW error log:

Can't call method "get" on an undefined value at /work/local/foswiki/Release01x01/core/lib/Foswiki/ line 583

Its the Main.Others... that causes the problem.

Tested with the latest code in Release01x01 branch, and with released 1.1.3. Not tested with trunk.

-- AndrewJones - 21 Jun 2011

It fails on trunk as well. The issue appears to be caused by the 2nd dot (Others..) causes Others to be treated as a parent web, and it attempts to check DENYWEB for Others/ and fails to load preferences because the web doesn't exist. Not sure yet where the fix is needed.

-- GeorgeClark - 21 Jun 2011

Committed a fix. I believe it's safe to assume that TopicUserMapping - when checking Group and User authorization - only needs to check topics in the UsersWeb. TopicUserMapper uses sandbox function to validate the user or group name. Since we accept anything in the groups - to support other mappers, and/or pre-adding users to groups before they exist, we can't really enforce this on entry.

-- GeorgeClark - 21 Jun 2011

ItemTemplate edit

Summary Adding incorrect user to a group kills WikiGroups
ReportedBy AndrewJones
Codebase 1.1.3, trunk
SVN Range
AppliesTo Engine
Component FoswikiMeta, TopicUserMappingContrib
Priority Normal
CurrentState Closed
Checkins distro:6e417294bf99 distro:30aece0f8138
TargetRelease patch
ReleasedIn 1.1.4
Topic revision: r6 - 17 Dec 2011, GeorgeClark - This page was cached on 15 Jan 2020 - 21:22.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy