You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@continuum.apache.org by "Brent N Atkinson (JIRA)" <ji...@apache.org> on 2015/05/07 18:57:00 UTC
[jira] [Closed] (CONTINUUM-2701) Project groups with ampersand in
name lose permissions after upgrade
[ https://issues.apache.org/jira/browse/CONTINUUM-2701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brent N Atkinson closed CONTINUUM-2701.
---------------------------------------
Resolution: Fixed
Assignee: Brent N Atkinson
I was able to reproduce this on 1.4.1, 1.4.2, but it appears that this was already fixed for 1.5. The reason appears to be that the JSP used JSTL tags to construct the URL. This lead to the ampersand being double-escaped for the project summary component. The page was simplified to use only struts2 tags for this purpose, which prevents the double-escaping.
> Project groups with ampersand in name lose permissions after upgrade
> --------------------------------------------------------------------
>
> Key: CONTINUUM-2701
> URL: https://issues.apache.org/jira/browse/CONTINUUM-2701
> Project: Continuum
> Issue Type: Bug
> Affects Versions: 1.4.1, 1.4.2
> Reporter: Philippe Busque
> Assignee: Brent N Atkinson
> Labels: maybe-1.5
> Fix For: 1.5.0
>
> Attachments: CONTINUUM-2701-screenshot.png
>
>
> I upgraded Continuum from 1.3.6 to 1.4.1
> Some of my projets had ampersand in their name. In 1.3.X, this was allowed.
> Now in 1.4.1, the interface block you from creating project with ampersand in their name. However, for every project with ampersand already in their name, those project are locked out.
> When opening the project, the following message is displayed :
> Authorization Error
> You are not authorized to access this page. Please contact your administrator to be granted the appropriate permissions.
> In the logs, the following trace is displayed:
> {noformat}
> INFO org.codehaus.plexus.redback.authorization.rbac.RbacAuthorizer - no permission found for operation continuum-view-group resource Questions & Answers
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)