6.0.0-beta1
7/7/25

[#1004] Endless loop in group permissions check
Summary Endless loop in group permissions check
Queue Horde Framework Packages
Type Bug
State Resolved
Priority 3. High
Owners chuck (at) horde (dot) org
Requester rvs (at) angara (dot) ru
Created 12/22/2004 (7502 days ago)
Due
Updated 12/31/2004 (7493 days ago)
Assigned 12/31/2004 (7493 days ago)
Resolved 12/31/2004 (7493 days ago)
Github Issue Link
Github Pull Request
Milestone
Patch No

History
12/31/2004 04:44:01 AM Chuck Hagenbuch Comment #4
State ⇒ Resolved
Reply to this comment
Okay. Now hasMethod() isn't called when we're just checking 
hasCapability('groups'). That should do it.
12/31/2004 04:37:07 AM Chuck Hagenbuch Assigned to Chuck Hagenbuch
State ⇒ Assigned
 
12/30/2004 06:38:59 PM rvs (at) angara (dot) ru Comment #3 Reply to this comment
Not resolved; suggest to reopen bug.

Registry::hasMethod is removed from Auth_application::Auth_application but

Auth_application::hasCapability  still invokes Registry::hasMethod.

New loop backtrack is:



Perms_datatree::hasPermission -> Perms_datatree::getPermissions -> 
Group::singleton -> Auth_application::hasCapability -> 
Registry::hasMethod -> Registry::_fillAPICache -> Registry::listApps 
-> Registry::hasPermission -> Perms_datatree::hasPermission



Happy New Year! All the best wishes to you!!


12/24/2004 04:00:52 AM Chuck Hagenbuch Comment #2
State ⇒ Resolved
Reply to this comment
Fixed now in CVS, thanks for the analysis.
12/22/2004 03:44:44 PM rvs (at) angara (dot) ru Comment #1
State ⇒ Unconfirmed
Priority ⇒ 3. High
Type ⇒ Bug
Summary ⇒ Endless loop in group permissions check
Queue ⇒ Horde Framework Packages
Reply to this comment
Testing HEAD horde framework.

The Authentication driver is configured as application (IMP).

I have set up one group and filled it with user names.

Then I set up a permission to allow SHOW/READ access

to an application, for example, nag.

When I try to invoke nag an endless loop encountered and the browser 
freezes until script exec timeout is run out.

The loop path/backtrace when the group permissions for the application 
are checked is listed below:



Perms_datatree::hasPermission -> Perms_datatree::getPermissions -> 
Group::singleton -> Auth::singleton -> Auth::factory -> 
Auth_application::Auth_application -> Auth_application::_setParams -> 
Registry::hasMethod -> Registry::_fillAPICache -> Registry::listApps 
-> Registry::hasPermission -> Perms_datatree::hasPermission


Saved Queries