Uploaded image for project: 'Service Packs and Hot Fixes'
  1. Service Packs and Hot Fixes
  2. MNT-2150

Un-friendly webscript 500 error message displayed in Share when a user clicks on a direct document URL they don't have the permissions to access.

    Details

    • Type: Service Pack Request
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.4.3
    • Fix Version/s: 3.4.9
    • Component/s: Share Application
    • Labels:
      None
    • Environment:
      Generic
    • ACT Numbers:

      33196, 41204

      Description

      [ Problem ]
      If a user clicks on a direct URL to a document in Share which they do not have permissions to view, an un-friendly (and quite scary err. 500) error appears:

      Web Script Status 500 - Internal Error

      The Web Script /alfresco/s/api/node/content/workspace/SpacesStore/dfffe79a-20dd-424e-b26b-5f760f727165/20091023_LE GTM - Planning Phase - Test_LST.docx has responded with a status of 500 - Internal Error.

      500 Description: An error inside the HTTP server which prevented it from fulfilling the request.

      The expected corresponding log exception is:
      'Exception: net.sf.acegisecurity.AccessDeniedException - Access is denied.'

      [ Enhancement ]
      To make the webscripts handle this a little better and display a more friendly message to the user who clicks on the direct URL link.

      [ Steps to reproduce ]
      Log in as User1
      Create a Private site.
      Upload a document.
      Go to document details and copy Download link, e.g. http://localhost:8080/share/proxy/alfresco/api/node/content/workspace/SpacesStore/dfffe79a-20dd-424e-b26b-5f760f727165/act1.doc?a=true

      Log out.
      Log in as User2.
      Insert the link in url (clicking in email or IM is the most common case).
      Get the HTTP 500:
      Web Script Status 500 - Internal Error

        Attachments

          Issue Links

            Activity

            Hide
            kroast Kevin Roast added a comment -

            Yes unfortunately due to the limitations of our build system (which is currently in-progress moving to a fully up-to-date Maven system - but not completed yet) - we have had some issues with JAR name naming. The JARs you are seeing should really be called 1.0.1SNAPSHOT or similar as you have correctly noticed.

            Please let me know if moving to the latest SpringSurf resolves the issues you are seeing with the switch for error or exception.

            Show
            kroast Kevin Roast added a comment - Yes unfortunately due to the limitations of our build system (which is currently in-progress moving to a fully up-to-date Maven system - but not completed yet) - we have had some issues with JAR name naming. The JARs you are seeing should really be called 1.0.1SNAPSHOT or similar as you have correctly noticed. Please let me know if moving to the latest SpringSurf resolves the issues you are seeing with the switch for error or exception.
            Hide
            danlangford Dan Langford (Inactive) added a comment -

            thank you kevin. if i get a chance ill throw in the absolute latest webscripts jar and see if that works. it might be a few days though.

            Show
            danlangford Dan Langford (Inactive) added a comment - thank you kevin. if i get a chance ill throw in the absolute latest webscripts jar and see if that works. it might be a few days though.
            Hide
            kroast Kevin Roast added a comment -

            Dan, I've started my investigation, the problem won't be fixed by adding the latest jars. I can see the problem and am working on the solution.

            Show
            kroast Kevin Roast added a comment - Dan, I've started my investigation, the problem won't be fixed by adding the latest jars. I can see the problem and am working on the solution.
            Hide
            kroast Kevin Roast added a comment -

            See linked issue ALF-14524 and forum comments for solution.

            Show
            kroast Kevin Roast added a comment - See linked issue ALF-14524 and forum comments for solution.
            Hide
            alfrescoqa Alfresco QA Team added a comment -

            Validated against 4.1.3 (6) schema 5,118

            Show
            alfrescoqa Alfresco QA Team added a comment - Validated against 4.1.3 (6) schema 5,118

              People

              • Assignee:
                closedbugs Closed Bugs
                Reporter:
                astrachan Alex Strachan
              • Votes:
                1 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: