Uploaded image for project: 'Service Packs and Hot Fixes'
  1. Service Packs and Hot Fixes
  2. MNT-20167

Accessing a folder without permissions causes a 500 error instead of a 403 error

    Details

    • Type: Service Pack Request
    • Status: Closed
    • Resolution: Won't Do
    • Affects Version/s: 5.2.4
    • Fix Version/s: None
    • Component/s: ACS REST API
    • Labels:
    • Environment:
      RHEL, Tomcat, Postgres
    • Bug Priority:
      Category 3
    • ACT Numbers:

      00962911

    • Premier Customer:
      Yes
    • Regression Since:
    • Prioritization Score:
      3.55

      Description

      Description:

      If a user don't have appropriate permission to a node and tries to hit document detail's page a 500 error gets reported in the access logs. This should throw a 403 error as described in JIRA:

      https://issues.alfresco.com/jira/browse/MNT-10156

      Steps to reproduce:

      Expected Beaviour:
      Access logs should show a 403 Error.

      Observed Behaviour:

      If you check the access logs a 500 Error gets reported
      Environment Reproduction:

      Alfresco 5.2.4, Tomcat, Postgres

      Analysis to date:

      Looking through Jira this was fixed in version 4.1.10. Testing this version does show a 410 Error being showed in the access logs. Please take a look at the file attached "results in access logs.txt. This file shows the difference in response code between version 4.1.10 and 5.2.4.

        Attachments

          Structure

            Activity

              People

              • Assignee:
                closedissues Closed Issues
                Reporter:
                dalmazan David Almazan
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Structure Helper Panel