Bug #28319
Access denied will be logged at the wrong location in nested calls
| Status: | Needs Feedback | Start date: | 2011-07-19 | |
|---|---|---|---|---|
| Priority: | Should have | Due date: | ||
| Assigned To: | - | % Done: | 0% |
|
| Category: | Security | |||
| Target version: | - | |||
| PHP Version: | Complexity: | |||
| Has patch: | No | Affected Flow version: | FLOW3 1.0.0 |
Description
If several method calls that were secured by the PolicyEnforcementAspect are nested, an AccessDeniedException will be logged for the outer method even when the access to the inner method was not allowed.
This is misguiding and makes policy debugging very hard. We should try to log the method that was actually not allowed and try to provide more context for debugging.
History
#1 Updated by Christopher Hlubek about 4 years ago
Small update: Maybe this occurs only if the method that was denied is used in a runtime evaluation.
#2 Updated by Karsten Dambekalns almost 4 years ago
- Affected Flow version set to FLOW3 1.0.0
#3 Updated by Christian Müller over 3 years ago
- Status changed from New to Needs Feedback
- Has patch set to No
Should we still keep this then?