6.0.0-git
2021-01-18

[#1004] Endless loop in group permissions check
Summary Endless loop in group permissions check
Queue Horde Framework Packages
Type Bug
State Resolved
Priority 3. High
Owners chuck (at) horde (dot) org
Requester rvs (at) angara (dot) ru
Created 2004-12-22 (5871 days ago)
Due
Updated 2004-12-31 (5862 days ago)
Assigned 2004-12-31 (5862 days ago)
Resolved 2004-12-31 (5862 days ago)
Milestone
Patch No

History
2004-12-31 04:44:01 Chuck Hagenbuch Comment #4
State ⇒ Resolved
Reply to this comment
Okay. Now hasMethod() isn't called when we're just checking 
hasCapability('groups'). That should do it.
2004-12-31 04:37:07 Chuck Hagenbuch Assigned to Chuck Hagenbuch
State ⇒ Assigned
 
2004-12-30 18:38:59 rvs (at) angara (dot) ru Comment #3 Reply to this comment
Not resolved; suggest to reopen bug.

Registry::hasMethod is removed from Auth_application::Auth_application but

Auth_application::hasCapability  still invokes Registry::hasMethod.

New loop backtrack is:



Perms_datatree::hasPermission -> Perms_datatree::getPermissions -> 
Group::singleton -> Auth_application::hasCapability -> 
Registry::hasMethod -> Registry::_fillAPICache -> Registry::listApps 
-> Registry::hasPermission -> Perms_datatree::hasPermission



Happy New Year! All the best wishes to you!!


2004-12-24 04:00:52 Chuck Hagenbuch Comment #2
State ⇒ Resolved
Reply to this comment
Fixed now in CVS, thanks for the analysis.
2004-12-22 15:44:44 rvs (at) angara (dot) ru Comment #1
Type ⇒ Bug
State ⇒ Unconfirmed
Priority ⇒ 3. High
Summary ⇒ Endless loop in group permissions check
Queue ⇒ Horde Framework Packages
Reply to this comment
Testing HEAD horde framework.

The Authentication driver is configured as application (IMP).

I have set up one group and filled it with user names.

Then I set up a permission to allow SHOW/READ access

to an application, for example, nag.

When I try to invoke nag an endless loop encountered and the browser 
freezes until script exec timeout is run out.

The loop path/backtrace when the group permissions for the application 
are checked is listed below:



Perms_datatree::hasPermission -> Perms_datatree::getPermissions -> 
Group::singleton -> Auth::singleton -> Auth::factory -> 
Auth_application::Auth_application -> Auth_application::_setParams -> 
Registry::hasMethod -> Registry::_fillAPICache -> Registry::listApps 
-> Registry::hasPermission -> Perms_datatree::hasPermission


Saved Queries