Evergreen

Carousels Admin not displaying for other accounts on 3.6

Bug #1939338 reported by Steve Callender
38
This bug affects 8 people
Affects Status Importance Assigned to Milestone
Evergreen
Fix Released
Medium
Unassigned
Evergreen 3.8.1
3.7
Fix Released
Medium
Unassigned
Evergreen 3.7.3

Bug Description

I'm seeing a strange issue on a handful of 3.6 systems I've tested this on. They all seem to have it.

When going into the Carousels ADMIN screen, the screen seems to break if the user viewing them is not the one who created them and has their owner ID stamped on the bucket associated with the Carousel.

So for example I am seeing if a particular set of Carousels is owned by Library #4, and you have 3 that were created by User 1000, and 3 that were created by User 1001, the admin screen will break when trying to access the buckets not owned by the viewing user.

Another odd thing here, is that if I assign the "viewing" user with superuser status in the database, then it will work for that user. That seems permission related, but I have assigned every single EG permission to an account to test with, and the problem still persists if not a Superuser.

Wanted to reach out to see if anyone else is having this same issue before progressing farther with this.

Terran McCanna (tmccanna)
tags: added: carousels
Revision history for this message
Michele Morgan (mmorgan) wrote :

Confirmed, we are seeing this in 3.6.4.

Changed in evergreen:
status: New → Confirmed
Terran McCanna (tmccanna)
tags: added: opac-carousel
removed: carousels
Revision history for this message
Lynn Floyd (lfloyd) wrote :

Confirmed with 3.7.1

Revision history for this message
Ruth Frasur Davis (redavis) wrote :

This is a particularly onerous issue.

Revision history for this message
Lynn Floyd (lfloyd) wrote :

I just created a bunch of carousels with my SuperUSer account, now it's hanging it if you try to look for them.

Revision history for this message
Lynn Floyd (lfloyd) wrote :

Looking at them the issue is that the buckets are of type carousels.

Revision history for this message
Lynn Floyd (lfloyd) wrote :

Also the Carousels Editor does not load at all see https://bugs.launchpad.net/evergreen/+bug/1901888

Revision history for this message
Galen Charlton (gmc) wrote :

A patch is available:

working/user/gmcharlt/lp1939338_fix_perm_checks / https://git.evergreen-ils.org/?p=working/Evergreen.git;a=shortlog;h=refs/heads/user/gmcharlt/lp1939338_fix_perm_checks

As noted in the commit message, this patch is essentially a subset of the following commit by Jason Boyer in bug 1945836: https://git.evergreen-ils.org/?p=working/Evergreen.git;a=commitdiff;h=36369719067647da31c21e9bea1ac82757bbba34

I'm making this pull request to hopefully get at least this bug squashed sooner rather than later, but Jason's IDL fixes should also be looked at soon.

Changed in evergreen:
importance: Undecided → Medium
milestone: none → 3.8.1
tags: added: pullrequest
Andrea Neiman (aneiman)
Changed in evergreen:
assignee: nobody → Andrea Neiman (aneiman)
Revision history for this message
Andrea Neiman (aneiman) wrote :

Tested on pattypan test server. I created a carousel with user br1sbrock (Carousel ID 1) and while logged in as use br1rjackson I am able to see and make edits to the carousel as well as see its associated bucket. Carousel displays as expected in the OPAC.

I have tested this code and consent to signing off on it with my name, Andrea Buntz Neiman and my email address, <email address hidden>.

Changed in evergreen:
assignee: Andrea Neiman (aneiman) → nobody
tags: added: signedoff
Revision history for this message
Mike Rylander (mrylander) wrote :

I've committed this to rel_3_7 and rel_3_8 for the next maintenance releases. It's covered by Simple Reporter in master for 3.9, which has been merged now.

Changed in evergreen:
status: Confirmed → Fix Committed
Evergreen Bug Maintenance (bugmaster)
Changed in evergreen:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.