Project

General

Profile

Actions

Defect #9308

closed

Search fails when a role haven't "view wiki" permission

Added by pasquale [:dedalus] over 12 years ago. Updated over 12 years ago.

Status:
Closed
Priority:
High
Assignee:
-
Category:
Search engine
Target version:
Start date:
2011-09-22
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed
Affected version:

Description

I have configured a role that haven't the "view wiki" permission.
When a user that has this role (in all projects) search for some word, redmine fails with this message (bug-in-action.jpg)
If I grant the permission to the role, all works fine.
This is a major bug because normal user can think that the site don't work.

In the log file, I see that the query fails on where condition because "text" field is unknown.

ps: the behavior of redmine in this case is very strange: for example, if I search for mail I have an error, but if I search for mail. all works fine


Files

bug-in-action.jpg (50.7 KB) bug-in-action.jpg pasquale [:dedalus], 2011-09-22 21:24
Actions #1

Updated by pasquale [:dedalus] over 12 years ago

pasquale [:dedalus] wrote:

In the log file, I see that the query fails on where condition because "text" field is unknown.

this is the log message:


Processing SearchController#index (for 85.33.108.241 at 2011-09-22 11:57:15) [GET]
  Parameters: {"action"=>"index", "q"=>"mail", "controller"=>"search"}

ActiveRecord::StatementInvalid (Mysql::Error: Unknown column 'text' in 'where clause': SELECT * FROM `wiki_pages` 
WHERE ((1=0) AND (((LOWER(title) LIKE '%mail%') OR (LOWER(text) LIKE '%mail%'))))  ORDER BY wiki_pages.created_on 
DESC LIMIT 11):
  app/controllers/search_controller.rb:77:in `index'
  app/controllers/search_controller.rb:76:in `each'
  app/controllers/search_controller.rb:76:in `index'
  config/initializers/mongrel_cluster_with_rails_211_fix.rb:62:in `dispatch_cgi'

Actions #2

Updated by Etienne Massip over 12 years ago

  • Target version set to Candidate for next minor release

Definitely reproduced, big one, thanks.

Actions #3

Updated by Etienne Massip over 12 years ago

  • Status changed from New to Resolved
  • Target version changed from Candidate for next minor release to 1.2.2
  • Resolution set to Fixed

Fixed with r7568.

Actions #4

Updated by Jean-Philippe Lang over 12 years ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF