[AUTOMATED] Insert Include Macro with target document author [Since XWiki 14.10.2]
Last modified by Ilie Andriuta on 2024/06/27 16:33
Steps to reproduce
- Login as Admin
- Create a page (e.g. P1) containing a velocity macro (e.g.
{{velocity}}
#set($words = ["Some", "velocity", "code"])
#foreach($word in $words)
$word
#end
{{/velocity}} - Login as a regular user (e.g. U1)
- Edit another page in CKEditor mode
- Click on "Insert" Button (the "+" icon)
- Click on "Other Macros"
- Search for "Include" and click Select
- In 'Page' drop-down, select the page created by Admin previously (e.g. P1)
- On 'Author' drop-down, make sure "Auto" is selected
- Click "Submit"
- Edit the "Include" macro again
- On 'Author' drop-down, select "Current"
- Click "Submit"
- Edit the "Include" macro again
- On 'Author' drop-down, select "Target"
- Click "Submit"
Expected results
Step 10 and Step 13 - An error is displayed on the macro:
"Failed to execute the [velocity] macro. Cause: [The execution of the [velocity] script macro is not allowed in [xwiki:P1.WebHome]. Check the rights of its last author or the parameters if it's rendered from another script.]. Click on this message for details."
This is due to the fact that "Auto" and "Current" settings enable the macro coming from the target page to be executed with the rights of the regular user (U1), while the target page was created and saved by Admin.
Step 16 - Although the current page (P2) is created by the regular user (U1), the content of the macro is executed with the rights of target document (Admin rights) and the content is displayed properly.
Automation Status
Automated
Results
| per page of Previous Page Next Page Page | |||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||
| Previous Page Next Page Page | |||||||||||||||||||||||||||||||||
