Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue 12678 fixing workflow roles permission issue #13526

Merged
merged 10 commits into from
Feb 1, 2018
Merged

Issue 12678 fixing workflow roles permission issue #13526

merged 10 commits into from
Feb 1, 2018

Conversation

oswaldogallango
Copy link

No description provided.

@oswaldogallango oswaldogallango mentioned this pull request Jan 30, 2018
Closed
@dotCMS dotCMS deleted a comment Jan 30, 2018
@dotCMS dotCMS deleted a comment Jan 30, 2018
@dotCMS dotCMS deleted a comment Jan 30, 2018
@dotCMS dotCMS deleted a comment Jan 30, 2018
@dotCMS dotCMS deleted a comment Jan 30, 2018
@dotCMS dotCMS deleted a comment Jan 30, 2018
dev-dotcms
dev-dotcms reviewed Jan 30, 2018
View reviewed changes
dotCMS/src/main/java/com/dotmarketing/portlets/workflows/business/WorkflowAPIImpl.java
.doesRoleHavePermission(action, PermissionAPI.PERMISSION_USE,
anyWhoCanViewContent)) {
if (APILocator.getPermissionAPI()
if (permissionAPI
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

MAJOR Merge this if statement with the enclosing one. rule

dev-dotcms
dev-dotcms reviewed Jan 30, 2018
View reviewed changes
dotCMS/src/main/java/com/dotmarketing/portlets/workflows/business/WorkflowAPIImpl.java
.doesRoleHavePermission(action, PermissionAPI.PERMISSION_USE,
anyWhoCanPublishContent)) {
if (APILocator.getPermissionAPI().doesUserHavePermission(permissionable,
if (permissionAPI.doesUserHavePermission(permissionable,
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

MAJOR Merge this if statement with the enclosing one. rule

dev-dotcms
dev-dotcms reviewed Jan 30, 2018
View reviewed changes
dotCMS/src/main/java/com/dotmarketing/portlets/workflows/business/WorkflowAPIImpl.java
.doesRoleHavePermission(action, PermissionAPI.PERMISSION_USE,
anyWhoCanEditContent)) {
if (APILocator.getPermissionAPI().doesUserHavePermission(permissionable,
if (permissionAPI.doesUserHavePermission(permissionable,
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

MAJOR Merge this if statement with the enclosing one. rule

dev-dotcms
dev-dotcms reviewed Jan 30, 2018
View reviewed changes
dotCMS/src/main/java/com/dotmarketing/portlets/workflows/business/WorkflowAPIImpl.java
.doesRoleHavePermission(action, PermissionAPI.PERMISSION_USE,
anyWhoCanEditPermisionsContent)) {
if (APILocator.getPermissionAPI().doesUserHavePermission(permissionable,
if (permissionAPI.doesUserHavePermission(permissionable,
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

MAJOR Merge this if statement with the enclosing one. rule

dev-dotcms
dev-dotcms reviewed Jan 30, 2018
View reviewed changes
dotCMS/src/main/java/com/dotmarketing/portlets/workflows/business/WorkflowAPI.java
* @throws DotDataException
* @throws DotSecurityException
*/
public WorkflowAction findActionRespectingPermissions(String actionId, String stepId, Permissionable permissionable, User user) throws DotDataException, DotSecurityException;
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

MINOR Split this 175 characters long line (which is greater than 150 authorized). rule

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wouldn't be bad to add an integration test for this new API method

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

test included

dev-dotcms
dev-dotcms reviewed Jan 30, 2018
View reviewed changes
dotCMS/src/main/java/com/dotmarketing/portlets/workflows/business/WorkflowAPI.java
* @throws DotDataException
* @throws DotSecurityException
*/
public WorkflowAction findActionRespectingPermissions(String id, Permissionable permissionable, User user) throws DotDataException, DotSecurityException;
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

MINOR Split this 154 characters long line (which is greater than 150 authorized). rule

@dev-dotcms
Copy link

SonarQube analysis reported 9 issues

  • MAJOR 5 major
  • MINOR 4 minor

Watch the comments in this conversation to review them.

3 extra issues

Note: The following issues were found on lines that were not modified in the pull request. Because these issues can't be reported as line comments, they are summarized here:

  1. MAJOR WorkflowAPIImpl.java#L374: The return value of "map" must be used. rule
  2. MINOR WorkflowAPIImpl.java#L371: Specify a type for: 'i' rule
  3. MINOR WorkflowAPIImpl.java#L374: Specify a type for: 'i' rule

@dotCMS dotCMS deleted a comment Jan 30, 2018
@dotCMS dotCMS deleted a comment Jan 30, 2018
@dotCMS dotCMS deleted a comment Jan 30, 2018
@dotCMS dotCMS deleted a comment Jan 30, 2018
@dotCMS dotCMS deleted a comment Jan 30, 2018
@dotCMS dotCMS deleted a comment Jan 30, 2018
jgambarios
jgambarios requested changes Feb 1, 2018
View reviewed changes
...MS/src/main/java/com/dotmarketing/portlets/contentlet/business/web/ContentletWebAPIImpl.java Outdated
} catch(Exception e){


Copy link
Contributor

@jgambarios jgambarios Feb 1, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@oswaldogallango should we remove the try?, not empty catch should exist, if the try is required and no logic in the catch should be done please add a Log.error but most likely the try should be remove.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jgambarios the try and catch can not be removed because, if the user doesn't have permission to execute that action the method is going to throw an exception but you still want to continue doing the save, but if the user have permission you just execute the fireworkflow action according to the if that is below

@wezell
Copy link
Contributor

wezell commented Feb 1, 2018

If the user does not have permission to the action, then the save should fail.

@dotCMS dotCMS deleted a comment Feb 1, 2018
@dotCMS dotCMS deleted a comment Feb 1, 2018
@jgambarios jgambarios merged commit 1dc8e22 into master Feb 1, 2018
@jgambarios jgambarios deleted the issue-12678-fixing-workflow-roles-permission-issue branch February 1, 2018 21:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dsilvam dsilvam dsilvam approved these changes

@dev-dotcms dev-dotcms dev-dotcms left review comments

@jgambarios jgambarios jgambarios approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@oswaldogallango @dev-dotcms @wezell @jgambarios @dsilvam