[#10459] - small regression: [com_menus] items view: use empty for all menu instead of *
- Fixed in Code Base
- 23 May 2016
- Medium
- Build: staging
- # 10459
- Diff
- andrepereiradasilva:dont-use-asterisk
- Success continuous-integration/travis-ci/pr The Travis CI build passed Details
- Success JTracker/HumanTestResults Human Test Results: 2 Successful 0 Failed. Details
User tests: Successful: Unsuccessful:
Summary of Changes
The "All Menu Items" was implemented in #10190 (which used empty as the value for the "- Select Menu -" option), but after the menus ACL was implemented in #9814 (which changed to * the value for the "- Select Menu -" option).
So, this PR goes back to (empty) as the value for the "- Select Menu -" option.
This allows to use /administrator/index.php?option=com_menus&view=items&menutype=URL (without a 403) as a fallback (in case the menu type is not found or something). This URL lists the all menu items list view.
Testing Instructions
- Use latest staging
- Go to
/administrator/index.php?option=com_menus&view=items&menutype=you will get a 403 error - Now apply patch
- Go to
/administrator/index.php?option=com_menus&view=items&menutype=you'll be redirect to "All Menu Items" with no 403 error - Navigate through the menus and create/Edit menu items and check if you're properly redirected after without issues
- Test batch and other operations also to confirm all is ok.
@infograf768 @bembelimen since you're the original creators of the two PR mentioned please test if all work as it should.
Observations
After this PR if you use:
-
/administrator/index.php?option=com_menus&view=itemsyou'll be redirect to your current state selected menu item ("All Menu Items" if none). -
/administrator/index.php?option=com_menus&view=items&menutype=you'll be redirect to "All Menu Items" -
/administrator/index.php?option=com_menus&view=items&menutype=validmenutypeyou'll be redirect to your valid menu type -
/administrator/index.php?option=com_menus&view=items&menutype=invalidmenutypeyou'll get a error the menu is not found -
/administrator/index.php?option=com_menus&view=items&menutype=validmenutypebutnopermissionyou'll get a error not autorized
| Status | New | ⇒ | Pending |
| Labels |
Added:
?
|
||
| Title |
|
||||||
| Category | ⇒ | Administration |
| Title |
|
||||||
| Title |
|
||||||
ok sorry, test instructions updated, now i think it's easier
I have tested this item 
successfully on ac541f6
Patch works
FULL SUCCESS
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
I have tested this item successfully on ac541f6
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
| Title |
|
||||||
| Status | Pending | ⇒ | Ready to Commit | ||||
| Title |
|
||||||
RTC. Has to go into 3.6.0 as this is a new bug introduced by #9814
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
| Labels |
Added:
?
|
||
Hello,
/administrator/index.php?option=com_menus&view=items&menutype=existing-menu-without-access-rights
Expected result: 403
Current result: show all items
I have tested this item 
unsuccessfully on ac541f6
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
| Status | Ready to Commit | ⇒ | Pending |
| Labels | |||
Oops didnt see the failed test -set back to pending
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
| Labels |
Removed:
?
|
||
/administrator/index.php?option=com_menus&view=items&menutype=existing-menu-without-access-rights
What menu "menu-without-access-rights" ? If a user has access to the Menus >>> Manage >>> Menus view then they have access to all menus.
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
There is a new acl feature in 3.6
@bembelimen thanks for checking that. Will check.
i tested tha acl and it was working fine. here.
This PR has received new commits.
CC: @bembelimen, @infograf768, @Webdongle
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
| Labels |
Added:
?
|
||
@bembelimen please check now.
The code changes were this: a86f184
BTW @bembelimen there are some questions i notice in the menus ACL:
When you have a user that can't do anything (all denied) for a particular menu type:
updated see comment below
Update: Sorry i had "Access Administration Interface" set to Denied for that menu.
But still that is one issue (when all set to denied). that user can view/edit that menu type in Menu Types Manage (bug?)
I have tested this item successfully on a86f184
I have applied this patch on the latest staging together with #10460.
It is working as described. So this test is successfull.
I have not tested the new ACL feature.
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
Hello @andrepereiradasilva
But still that is one issue (when all set to denied). that user can view/edit that menu type in Menu Types Manage (bug?)
The access rights are for the item(s) view only, not for the menu type stuff itself, there work the regular ACL settings
The access rights are for the item(s) view only, not for the menu type stuff itself, there work the regular ACL settings
@bembelimen
I see it was implemented that way, but IMHO doesn't make much sense a user can delete the entire menu and don't have access to delete a menu item in the same menu.
I made some changes (in new PR) to implement, at least part, of the ACL also in the menu types list view.
I have tested this item
Except that we do not get a 403 but a 500 with message "You are not authorised to view this resource", the changes do now work when the menutype has no access rights when using:
/administrator/index.php?option=com_menus&view=items&menutype=existing-menu-without-access-rights
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
| Status | Pending | ⇒ | Ready to Commit |
RTC
Thanks
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
| Labels |
Added:
?
|
||
| Milestone |
Added: |
||
Conflicts concern only one file.
This PR has received new commits.
CC: @bembelimen, @BurtNL, @infograf768, @Webdongle
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
This PR has received new commits.
CC: @bembelimen, @BurtNL, @infograf768, @Webdongle
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
This PR has received new commits.
CC: @bembelimen, @BurtNL, @infograf768, @Webdongle
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
conflicts fixed
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
| Status | Ready to Commit | ⇒ | Pending |
| Labels | |||
Taking RTC off as we only have one successful test so far
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
| Labels |
Removed:
?
|
||
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
@roland-d RTC now?
thanks for testing @infograf768 @bembelimen
| Status | Pending | ⇒ | Ready to Commit |
| Labels | |||
Back to rtc
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.
| Labels | |||
I am looking into it
| Status | Ready to Commit | ⇒ | Fixed in Code Base |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2016-05-23 14:09:15 |
| Closed_By | ⇒ | roland-d | |
| Labels |
Added:
?
|
||
Thanks everybody
@andrepereiradasilva
I am confused about the test instructions.
Before applying the patch all test from 2 - 8 work as expected.
If you remove steps 1 and 2 from the test instructions
Then after the Test instructions you have
Expected result
describe what should be seen
Actual result
describe the error
Then .. After applying patch describe what error is fixed.
It would be easier to test. Because at the moment I am unable to reproduce the error this is supposed to fix.
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10459.