Contribute Toolbar Appears Even if The User Should Not See It
(Doc ID 2282792.1)
Last updated on MARCH 08, 2019
Applies to:
Oracle WebCenter Portal - Version 12.2.1.1.0 and laterInformation in this document applies to any platform.
Symptoms
On : 12.2.1.1.0 version of WCP [ Complete version: 12.2.1.1.0(Build 160610.2201) ] the following behavior occured:
ACTUAL BEHAVIOR
---------------
In a Content Manager (out of the box) taskflow, the "Contribute" toolbar appears even if the logged-in user does not have contribute permissions on the documents.
EXPECTED BEHAVIOR
-----------------------
The "Contribute" toolbar should appear only for users that have this permission granted to them.
STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Create a standard portal app (using a default template) with a Documents Page and Content Manager (out of the box) taskflow
2. To the Portal app there were 2 users added as members : <ADMINUSER> - Administrator and <USER> - Viewer Role
3. Access the documents page as <ADMINUSER> --> "Contribute" toolbar appeared => OK
4. Access the documents page as <USER>--> "Contribute" toolbar did Not appeared => OK (since user has only Viewer Role)
5. Access the preview URL like below (using <USER>):
http://<HOSTNAME>:<PORT>/webcenter/portal/wccdoc?dDocName=<checked_in_contentid>
==> "Contribute" toolbar appeared => OK
Note:
Point 4 and 5 should behave identical since the same user <USER> was used and this has only "Viewer Role"
BUSINESS IMPACT
-----------------------
Due to this issue, users cannot be restricted to the their actual roles in the WebCenter Portal application.
Changes
No changes were done to the system.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |