DL Group Access problem?
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Document Library |
New
|
Undecided
|
Martijn Faassen |
Bug Description
I'll try to investigate more thoroughly, but I have just noticed that an 'access controlled' document link that I should be able to see on a page on arana isn't appearing. In Mozilla Firefox 2, I log into the DL in the first browser tab. I then open a second tab in the same browser and go to a web page created in Silva that contains DL links. The document in question has group access set to 'DL-isd' (an LDAP group that I have membership of) so I should be seeing it, but the link doesn't appear here.
What makes this confusing is that I have some bookmarks in Mozilla Firefox that open up about 6-7 tabs relating to the DL (the DL itself, Zope, Silva, the atom feed, and so on). If I view the links in one of the tabs in this scenario, then I *can* see the access controlled link. I login twice when these tabs are loaded up - once into the DL and the second time into Silva using a local Silva account. I thought it might be the local Silva account so I tried firing up the browser and logging into Silva with one tab, then going to the web page with the links in another tab. Unfortunately the 'access controlled' link still didn't appear.
What is going on? Is this a browser caching problem or is the whole access controlled/group access thing not working correctly?
Ok, I've cleared all private data in the Mozilla Firefox browser and then performed the following:
Opened Mozilla Firefox 2. Gone to Silva on arana (test Zope instance), logging in using a local Silva account (Zope manager level) as opposed to an account initially created via LDAP. Opened up a second tab, going to the Silva web page on arana that pulls in the DL links.
The result is that the access controlled link is displayed on the page. However, it shouldn't be displayed because I haven't logged in using LDAP at all. Therefore, the access controlled link is presumably being displayed because of the Silva manager role login (in the first tab), and not because of who I am logged in as (via LDAP) or what groups I belong to (in LDAP) - because I'm not logged in via LDAP.
If I repeat the above exercise (clearing the private data again) but login to the DL (and am thus authenticated against LDAP)), then the access controlled link does not appear if I try to view the web page via a second tab in the same browser.
This has now got me concerned that the LDAP authentication and Group Access part of the DL is not working properly? Is using different tabs in the same browser session a good enough test of this?