You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by "Emond Papegaaij (Created) (JIRA)" <ji...@apache.org> on 2012/01/17 08:59:39 UTC
[jira] [Created] (WICKET-4340) Rerendering a page with WicketTester
after you loose permission does not give access-denied
Rerendering a page with WicketTester after you loose permission does not give access-denied
-------------------------------------------------------------------------------------------
Key: WICKET-4340
URL: https://issues.apache.org/jira/browse/WICKET-4340
Project: Wicket
Issue Type: Bug
Components: wicket
Affects Versions: 1.5.4, 6.0.0
Reporter: Emond Papegaaij
Since WICKET-4256 WicketTester does not give an access-denied page when you try to rerender a page instance after loosing permission to render that page. A testcase is added to WicketTesterTest (rerenderNotAllowed) to demonstrate the problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (WICKET-4340) Rerendering a page with WicketTester
after you loose permission does not give access-denied
Posted by "Emond Papegaaij (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WICKET-4340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emond Papegaaij updated WICKET-4340:
------------------------------------
Affects Version/s: 1.4.20
Probably applies to 1.4 as well. I did not test it on 1.4, but the patch for WICKET-4256 got backported to 1.4.
> Rerendering a page with WicketTester after you loose permission does not give access-denied
> -------------------------------------------------------------------------------------------
>
> Key: WICKET-4340
> URL: https://issues.apache.org/jira/browse/WICKET-4340
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Affects Versions: 1.4.20, 1.5.4, 6.0.0
> Reporter: Emond Papegaaij
> Attachments: WICKET-4340.patch, quickstart-4340.tar.bz2
>
>
> Since WICKET-4256 WicketTester does not give an access-denied page when you try to rerender a page instance after loosing permission to render that page. A testcase is added to WicketTesterTest (rerenderNotAllowed) to demonstrate the problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (WICKET-4340) Rerendering a page with WicketTester
after you loose permission does not give access-denied
Posted by "Emond Papegaaij (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WICKET-4340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emond Papegaaij updated WICKET-4340:
------------------------------------
Attachment: quickstart-4340.tar.bz2
> Rerendering a page with WicketTester after you loose permission does not give access-denied
> -------------------------------------------------------------------------------------------
>
> Key: WICKET-4340
> URL: https://issues.apache.org/jira/browse/WICKET-4340
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Affects Versions: 1.5.4, 6.0.0
> Reporter: Emond Papegaaij
> Attachments: quickstart-4340.tar.bz2
>
>
> Since WICKET-4256 WicketTester does not give an access-denied page when you try to rerender a page instance after loosing permission to render that page. A testcase is added to WicketTesterTest (rerenderNotAllowed) to demonstrate the problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Assigned] (WICKET-4340) Rerendering a page with
WicketTester after you loose permission does not give access-denied
Posted by "Igor Vaynberg (Assigned) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WICKET-4340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Igor Vaynberg reassigned WICKET-4340:
-------------------------------------
Assignee: Igor Vaynberg
> Rerendering a page with WicketTester after you loose permission does not give access-denied
> -------------------------------------------------------------------------------------------
>
> Key: WICKET-4340
> URL: https://issues.apache.org/jira/browse/WICKET-4340
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Affects Versions: 1.5.4, 6.0.0
> Reporter: Emond Papegaaij
> Assignee: Igor Vaynberg
> Fix For: 1.5.4, 6.0.0
>
> Attachments: WICKET-4340.patch, quickstart-4340.tar.bz2
>
>
> Since WICKET-4256 WicketTester does not give an access-denied page when you try to rerender a page instance after loosing permission to render that page. A testcase is added to WicketTesterTest (rerenderNotAllowed) to demonstrate the problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (WICKET-4340) Rerendering a page with WicketTester
after you loose permission does not give access-denied
Posted by "Igor Vaynberg (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WICKET-4340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Igor Vaynberg updated WICKET-4340:
----------------------------------
Affects Version/s: (was: 1.4.20)
> Rerendering a page with WicketTester after you loose permission does not give access-denied
> -------------------------------------------------------------------------------------------
>
> Key: WICKET-4340
> URL: https://issues.apache.org/jira/browse/WICKET-4340
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Affects Versions: 1.5.4, 6.0.0
> Reporter: Emond Papegaaij
> Fix For: 1.5.4, 6.0.0
>
> Attachments: WICKET-4340.patch, quickstart-4340.tar.bz2
>
>
> Since WICKET-4256 WicketTester does not give an access-denied page when you try to rerender a page instance after loosing permission to render that page. A testcase is added to WicketTesterTest (rerenderNotAllowed) to demonstrate the problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (WICKET-4340) Rerendering a page with
WicketTester after you loose permission does not give access-denied
Posted by "Igor Vaynberg (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WICKET-4340?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13188101#comment-13188101 ]
Igor Vaynberg commented on WICKET-4340:
---------------------------------------
blah. 1.5.x fix is committed under WICKET-4030 by mistake :/
> Rerendering a page with WicketTester after you loose permission does not give access-denied
> -------------------------------------------------------------------------------------------
>
> Key: WICKET-4340
> URL: https://issues.apache.org/jira/browse/WICKET-4340
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Affects Versions: 1.4.20, 1.5.4, 6.0.0
> Reporter: Emond Papegaaij
> Attachments: WICKET-4340.patch, quickstart-4340.tar.bz2
>
>
> Since WICKET-4256 WicketTester does not give an access-denied page when you try to rerender a page instance after loosing permission to render that page. A testcase is added to WicketTesterTest (rerenderNotAllowed) to demonstrate the problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (WICKET-4340) Rerendering a page with
WicketTester after you loose permission does not give access-denied
Posted by "Igor Vaynberg (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WICKET-4340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Igor Vaynberg resolved WICKET-4340.
-----------------------------------
Resolution: Fixed
Fix Version/s: 1.5.4
6.0.0
> Rerendering a page with WicketTester after you loose permission does not give access-denied
> -------------------------------------------------------------------------------------------
>
> Key: WICKET-4340
> URL: https://issues.apache.org/jira/browse/WICKET-4340
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Affects Versions: 1.5.4, 6.0.0
> Reporter: Emond Papegaaij
> Assignee: Igor Vaynberg
> Fix For: 6.0.0, 1.5.4
>
> Attachments: WICKET-4340.patch, quickstart-4340.tar.bz2
>
>
> Since WICKET-4256 WicketTester does not give an access-denied page when you try to rerender a page instance after loosing permission to render that page. A testcase is added to WicketTesterTest (rerenderNotAllowed) to demonstrate the problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (WICKET-4340) Rerendering a page with WicketTester
after you loose permission does not give access-denied
Posted by "Martin Grigorov (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WICKET-4340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martin Grigorov updated WICKET-4340:
------------------------------------
Attachment: WICKET-4340.patch
A patch that fixes the problem.
It moves the check for "isActionAuthorized(RENDER)" to Page#onConfigure() instead of #onBeforeRender() because the latter is not called anymore in such cases.
Igor, please review.
> Rerendering a page with WicketTester after you loose permission does not give access-denied
> -------------------------------------------------------------------------------------------
>
> Key: WICKET-4340
> URL: https://issues.apache.org/jira/browse/WICKET-4340
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Affects Versions: 1.5.4, 6.0.0
> Reporter: Emond Papegaaij
> Attachments: WICKET-4340.patch, quickstart-4340.tar.bz2
>
>
> Since WICKET-4256 WicketTester does not give an access-denied page when you try to rerender a page instance after loosing permission to render that page. A testcase is added to WicketTesterTest (rerenderNotAllowed) to demonstrate the problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (WICKET-4340) Rerendering a page with
WicketTester after you loose permission does not give access-denied
Posted by "Igor Vaynberg (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WICKET-4340?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13188112#comment-13188112 ]
Igor Vaynberg commented on WICKET-4340:
---------------------------------------
added the test to 1.4.x, it does not suffer from this problem.
> Rerendering a page with WicketTester after you loose permission does not give access-denied
> -------------------------------------------------------------------------------------------
>
> Key: WICKET-4340
> URL: https://issues.apache.org/jira/browse/WICKET-4340
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Affects Versions: 1.5.4, 6.0.0
> Reporter: Emond Papegaaij
> Fix For: 1.5.4, 6.0.0
>
> Attachments: WICKET-4340.patch, quickstart-4340.tar.bz2
>
>
> Since WICKET-4256 WicketTester does not give an access-denied page when you try to rerender a page instance after loosing permission to render that page. A testcase is added to WicketTesterTest (rerenderNotAllowed) to demonstrate the problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira