U4-6962 - Public access in multiple levels is broken in 7.3

Created by Jonas Boye 14 Aug 2015, 10:16:21 Updated by Shannon Deminick 22 Oct 2015, 08:32:21

'''What did you do?''' Installed 7.3 Beta 3 + Fanoe Made the blog protected with Public Access Tried to set another Public Access on a child node '''Screencast:''' https://www.youtube.com/watch?v=bV9ThHFbi5E

'''What did you expect to happen?''' The child node should be protected with the new group

'''What actually happened?''' '''YSOD:''' {{[Exception: Document is not protected!] umbraco.cms.businesslogic.web.Access.AddMembershipRoleToDocument(Int32 documentId, String role) +311 umbraco.presentation.umbraco.dialogs.protectPage.protect_Click(Object sender, CommandEventArgs e) +1619 System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) +189 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3342 }}

'''Logfile:''' {{ 2015-08-14 12:04:07,006 [P9548/D7/T44] ERROR Umbraco.Core.UmbracoApplicationBase - An unhandled exception occurred System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.Exception: Document is not protected! at umbraco.cms.businesslogic.web.Access.AddMembershipRoleToDocument(Int32 documentId, String role) at umbraco.presentation.umbraco.dialogs.protectPage.protect_Click(Object sender, CommandEventArgs e) at System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.umbraco_dialogs_protectpage_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\8325577b\d67daaa7\App_Web_protectpage.aspx.10695ae8.h4nonega.0.cs:line 0 at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) }}

Comments

Jonas Boye 14 Aug 2015, 10:32:51

For reference, this is how it worked in 7.2.8: https://youtu.be/a9s2TpHSsv0


Jonas Boye 14 Aug 2015, 11:36:18

I've found a workaround: http://youtu.be/5R-uAvaUA18 Reverse the process and start by setting the highest level of protection. The downside is, you have to completely remove all protection, before you can update the children


Simplicio Jison Jr. 06 Oct 2015, 17:10:27

@Jonas.Boye Also the Public Access does not work on Multiple Group Assignment.


Patrick Scott 10 Oct 2015, 14:56:24

This still is an issue in 7.3 release, I cannot get more than 1 role to be assigned to a node. If I add more than one, then is no error, it just only adds one to the database.


Sebastiaan Janssen 13 Oct 2015, 13:04:59

Can repro on 7.3.0 and it worked as expected on 7.2.8.


Sebastiaan Janssen 14 Oct 2015, 08:19:47

Commit made by '''Sebastiaan Janssen''' on ''2015-10-14T10:19:39+02:00'' https://github.com/umbraco/Umbraco-CMS/commit/e0619edabb9964bd5998994b2b16af559c3817ce

U4-6962 Public access in multiple levels is broken in 7.3

#U4-6962 Fixed


Sebastiaan Janssen 14 Oct 2015, 09:02:25

Sorry, this is only fixing a different issue where you can't update the allowed roles. Thought I made an issue for that, but guess not, will do now.


Sebastiaan Janssen 14 Oct 2015, 09:05:57

Issue: U4-7248


Claus Jensen 14 Oct 2015, 09:31:30

So this isn't fixed?


Sebastiaan Janssen 14 Oct 2015, 09:38:42

Haven't tested, so I assume not.


Sebastiaan Janssen 14 Oct 2015, 09:43:55

Ignore me.. was testing it wrong, not with a child element. This is not fixed yet.


Sebastiaan Janssen 14 Oct 2015, 10:03:45

The problem (for this issue) is that the child document is not explicitly protected at the moment. So when PublicAccessService.AddOrUpdateRule runs it checks var entry = repo.GetAll().FirstOrDefault(x => x.ProtectedNodeId == content.Id); This will not return anything because the parent is protected and not this one. I'm not even sure how this worked before 7.3 though. Anyway, it can be solved by looking at the ancestors and seeing if they are protected but I'm not sure that it's the correct fix. I also think @Shandem should look at U4-7248 as I am getting really confused as to why there was the assumption that a entry could be updated.


Tim Payne 14 Oct 2015, 12:49:17

I've just had this issue, which appears to be related: http://issues.umbraco.org/issue/U4-7250


Claus Jensen 15 Oct 2015, 15:24:48

@Shandem will do - thanks for letting me know


Claus Jensen 21 Oct 2015, 09:36:25

PR: https://github.com/umbraco/Umbraco-CMS/pull/827


Shannon Deminick 21 Oct 2015, 16:38:33

looks good and tested, will cherry pick for 7.3.1


Claus Jensen 22 Oct 2015, 08:10:39

Cool - yep I realized after doing the fix that we likely needed to fix this for 7.3.1 too, but wasn't sure how the procedure was. Cherry picking sounds good.


Priority: Major

Type: Bug

State: Fixed

Assignee:

Difficulty: Normal

Category:

Backwards Compatible: True

Fix Submitted: None

Affected versions: 7.3.0

Due in version: 7.3.1

Sprint: Sprint 1

Story Points:

Cycle: