Item935: Func::saveTopicText ignorepermissions is not working as advertised

Priority:	CurrentState:	AppliesTo:	Component:	WaitingFor:
Urgent	Closed	Engine

Func::saveTopicText() 's ignore-permission-feature does not work as advertised. If you set $ignorePermissions to 1, Func::saveTopicText() will not check permissions, but the underlying Save::saveTopic() will.

I don't know, if this ever worked. Obviously nobody is missing it.

If somebody confirms this behaviour, I will clarify the inline docco.

It's easy to circumvent this problem with the following code:

# sudo :)
my $user_backup = $session->{user};
$session->{user} = Foswiki::Func::getCanonilcaUserID("SomePriviledgedUser"));

my $oops = Foswiki::Func::saveTopicText( $web, $topic, $text, 0, 0 );

# un-sudo
$session->{user} = $user_backup;

---

Dunno how this ended up as low priority. Raised to Urgent. MichaelDaum noted that this function also ends up with permissions being checked twice.

-- CrawfordCurrie - 24 Jul 2009

This behaviour is actually different in trunk; the access rights that are checked are those expressed in the new topic text, instead of the old. I assume from the date of Oliver's report that he was testing 1.0.x, so that must be something different. I have added a unit test to 1.1.

-- CrawfordCurrie - 06 Aug 2009

ignorepermissions is not checked for saveTopic

-- CrawfordCurrie - 02 Sep 2010