In-Portal Issue Tracker - In-Portal CMS
Viewing Issue Advanced Details
25 [In-Portal CMS] Security bug report always 2009-05-20 14:50 2009-10-03 07:56
alex  
alex  
normal  
closed 4.3.9  
fixed  
 
none 5.0.0  
0
0000025: Non-root user can't use copy/cut/paste buttons in catalog.
For the 5.0.0 release, permission checking for category items and categories was changed. Now all events in temp tables are allowed, but other events (specified in the event handler) are checked by individual logic.

The problem is that the OnCut, OnCopy, OnPaste and OnPasteClipboard events are not specified at all, and that's why they are denied execution in any circumstances.

What permissions should be checked:
OnCut - delete right in the category where the cut button was pressed.
OnCopy - no permission required, because it doesn't change data.
OnPaste, OnPasteClipboard - add right for the category where the paste is performed.
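
The permission rules listed in the issue description, sketched as a default-deny lookup. This is an added example, not In-Portal's own code: `EVENT_PERMISSIONS`, `isEventAllowed()`, the `$grants` structure and the `OnSomethingElse` event are hypothetical, and the sample grants are constructed.

```php
<?php
// Added illustration; all names here are hypothetical, not In-Portal's API.
// Map value: null = event is listed but needs no right,
//            string = right required in the category the event acts on.
const EVENT_PERMISSIONS = [
    'OnCut'            => 'delete', // category where the cut button was pressed
    'OnCopy'           => null,     // does not change data
    'OnPaste'          => 'add',    // category where the paste is performed
    'OnPasteClipboard' => 'add',
];

/**
 * @param array $grants constructed ACL: [userId => [categoryId => [rights]]]
 */
function isEventAllowed(string $event, int $userId, int $categoryId,
                        array $grants, bool $tempTable = false): bool
{
    if ($tempTable) {
        return true; // events in temp tables are allowed, per the issue text
    }
    // array_key_exists(), not isset(): isset() is false for a null value
    // and would wrongly deny OnCopy.
    if (!array_key_exists($event, EVENT_PERMISSIONS)) {
        return false; // default deny: unlisted events never execute
    }
    $required = EVENT_PERMISSIONS[$event];
    if ($required === null) {
        return true;
    }
    return in_array($required, $grants[$userId][$categoryId] ?? [], true);
}

// Constructed sample: user 7 may add in category 10 and delete in category 20.
$grants = [7 => [10 => ['add'], 20 => ['delete']]];
$cases = [
    ['OnCut', 20], ['OnCut', 10], ['OnCopy', 10],
    ['OnPaste', 10], ['OnPaste', 20], ['OnSomethingElse', 20],
];
foreach ($cases as [$event, $categoryId]) {
    $verdict = isEventAllowed($event, 7, $categoryId, $grants) ? 'allowed' : 'denied';
    printf("%-16s category %d: %s\n", $event, $categoryId, $verdict);
}
```

Removing the four clipboard entries from the map reproduces the reported behaviour: every one of those events falls through to the default deny.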
Issue History
2009-10-03 07:56 administrator Note Added: 0000609
2009-10-03 07:56 administrator Status resolved => closed
2009-10-03 07:39 administrator Type @80@ => bug report
2009-06-03 05:41 alex Fixed in Version 5.0.1 => 5.0.0
2009-06-03 05:40 alex Fixed in Version => 5.0.1
2009-05-27 03:04 alex Note Added: 0000015
2009-05-27 03:04 alex Status reviewed and tested => resolved
2009-05-27 03:04 alex Resolution open => fixed
2009-05-27 03:04 alex Changeset attached RC r11821
2009-05-25 15:35 Dmitry version 5.0.0 => 4.3.9
2009-05-20 14:51 alex Status active => reviewed and tested
2009-05-20 14:51 alex Assigned To => alex
2009-05-20 14:51 alex Target Version => 5.0.0
2009-05-20 14:50 alex New Issue

Notes
(0000015)
alex   
2009-05-27 03:04   
Fix committed to RC branch. Commit Message:

1. Method "kDBEventHandler::StoreSelectedIDs" wasn't returning IDs given using the $direct_ids parameter.
2. Fixes 0000025: Non-root user can't use copy/cut/paste buttons in catalog.
3. Fixed "category status propagate" feature. Now it copies the category StatusField value to all its children. Before, it was copying the "Status" field value to all its children, not the "StatusField" field value specified in the unit config.
(0000609)
administrator   
2009-10-03 07:56   
Closing issues from the 5.0.0 version, because the version was already released.