Uploaded image for project: 'Apache Roller'
  1. Apache Roller
  2. ROL-695

Can't save anything in an empty db or empty website

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Blocker
    • Resolution: Fixed
    • 1.1
    • 1.1
    • None
    • None
    • CVS HEAD

    Description

      Note: This occurs on CVS HEAD on the main line in unreleased code. I've reproduced on both Tomcat 5.5.7/JDK 1.5 and Tomcat 5.0.28/JDK 1.4, so I think platform is irrelevant.

      To reproduce, start with a fresh db, and attempt to save a weblog entry or change themes. A permission exception results.

      I believe it will also be reproducible with a fresh website/username in an existing db.

      Here is some analysis I did in the debugger for reference:

      There is a direct call from RequestFilter to IfModifiedFilter.getLastPublishedDate() at line 145 of RequestFilter.java. In IfModifiedFilter, if you happen to get a date cache miss at line 181, it does a roller.begin() call that clobbers the user and sets an anonymous user. That hoses things for all canSave() permission checks.

      If you start with a fresh empty database, you'll be caught in a position where you can't save due to this bug. Once you have a lastUpdateTime for the website cached, you are ok.

      Possible suggested fixes:

      (1) If you intend that it is ok that begin() is called on an already begun session, add a state value to skip the setUser(UserData.anonymous) if the session is already "begun."
      or skip the setting if there is a user set.

      (2) If you intend that begin() should not be called, then keep a state variable indicating "begun" and throw an IllegalStateException on subsequent calls.

      Attachments

        Activity

          People

            djohnson David Johnson
            agangolli Anil Gangolli
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: