OroPlatform – Security bug report – set role permission – 500 Internal Server Error

This topic contains 4 replies, has 2 voices, and was last updated by  Ahmad Golzar 9 years, 7 months ago.


    Ahmad Golzar
    Participant

    Hi,

    When I try to set permission for a role for entities that do not have an “owner” field (like “workflow” or “contact request” entities) I get: 500 Internal Server Error

    I tested this on the demo site as well. Same result.

    On my local system in dev environment I get this exception:

    Invalid ACL mask “(SADECV) .. system:..DEC. global:...... deep:...... local:...... basic:.....V” for ObjectIdentity(entity, OroCRM\Bundle\ContactUsBundle\Entity\ContactRequest).
    500 Internal Server Error – InvalidAclMaskException
    Stack Trace
    in /home/demo/public_html/vendor/oro/platform/src/Oro/Bundle/SecurityBundle/Acl/Extension/AbstractAclExtension.php at line 118
    $msg = sprintf(‘%s %s’, $errorDescription, $msg);
    }
    return new InvalidAclMaskException($msg);
    }
    }
    at AbstractAclExtension ->createInvalidAclMaskException (‘234881025’, object(ObjectIdentity))
    in /home/demo/public_html/vendor/oro/platform/src/Oro/Bundle/SecurityBundle/Acl/Extension/EntityAclExtension.php at line 226
    at EntityAclExtension ->validateMask (‘234881025’, object(ObjectIdentity))
    in /home/demo/public_html/vendor/oro/platform/src/Oro/Bundle/SecurityBundle/Acl/Persistence/AclManager.php at line 638
    $key = $this->getKey($oid);
    if ($this->items[$key]->getState() !== BatchItem::STATE_DELETE) {
    $extension = $this->extensionSelector->select($oid);
    $extension->validateMask($mask, $oid);
    if ($acl === null && $this->items[$key]->getState() === BatchItem::STATE_CREATE) {
    $this->items[$key]->addAce($type, $field, $sid, $granting, $mask, $strategy);
    } else {
    at AclManager ->doSetPermission (object(RoleSecurityIdentity), object(ObjectIdentity), true, ‘Class’, null, ‘234881025’, true, null)
    in /home/demo/public_html/vendor/oro/platform/src/Oro/Bundle/SecurityBundle/Acl/Persistence/AclManager.php at line 555
    */
    protected function setClassPermission(SID $sid, OID $oid, $mask, $granting = true, $strategy = null)
    {
    $this->doSetPermission($sid, $oid, true, self::CLASS_ACE, null, $mask, $granting, $strategy);
    }
    /**
    at AclManager ->setClassPermission (object(RoleSecurityIdentity), object(ObjectIdentity), ‘234881025’, true, null)
    in /home/demo/public_html/vendor/oro/platform/src/Oro/Bundle/SecurityBundle/Acl/Persistence/AclManager.php at line 336
    } else {
    $extension = $this->extensionSelector->select($oid);
    if ($oid->getIdentifier() === $extension->getExtensionKey()) {
    $this->setClassPermission($sid, $oid, $mask, $granting, $strategy);
    } else {
    $this->setObjectPermission($sid, $oid, $mask, $granting, $strategy);
    }
    at AclManager ->setPermission (object(RoleSecurityIdentity), object(ObjectIdentity), ‘234881025’, true, null)
    in kernel.root_dir/cache/dev/appDevDebugProjectContainer.php at line 38649
    at OroBundleSecurityBundleAclPersistenceAclManager_0000000038c61b3e000000003be54759 ->setPermission (object(RoleSecurityIdentity),object(ObjectIdentity), ‘234881025’)
    in /home/demo/public_html/vendor/oro/platform/src/Oro/Bundle/SecurityBundle/Acl/Persistence/AclPrivilegeRepository.php at line 352
    $this->manager->deletePermission($sid, $oid, $existingMask);
    } else {
    // update existing ACE using $mask, if permissions provide by $mask and $rootMask are different
    $this->manager->setPermission($sid, $oid, $mask);
    }
    }
    at AclPrivilegeRepository ->updateExistingPermissions (object(RoleSecurityIdentity), object(ObjectIdentity), ‘234881024’, array(‘234881025’), array(‘0’),object(EntityAclExtension))
    in /home/demo/public_html/vendor/oro/platform/src/Oro/Bundle/SecurityBundle/Acl/Persistence/AclPrivilegeRepository.php at line 223
    at AclPrivilegeRepository ->savePrivileges (object(RoleSecurityIdentity), object(ArrayCollection))
    in /home/demo/public_html/vendor/oro/platform/src/Oro/Bundle/UserBundle/Form/Handler/AclRoleHandler.php at line 203
    at AclRoleHandler ->processPrivileges (object(Role))
    in /home/demo/public_html/vendor/oro/platform/src/Oro/Bundle/UserBundle/Form/Handler/AclRoleHandler.php at line 136
    at AclRoleHandler ->process (object(Role))
    in /home/demo/public_html/vendor/oro/platform/src/Oro/Bundle/UserBundle/Controller/RoleController.php at line 80
    at RoleController ->update (object(Role))
    in /home/demo/public_html/vendor/oro/platform/src/Oro/Bundle/UserBundle/Controller/RoleController.php at line 46
    at RoleController ->updateAction (object(Role))
    at call_user_func_array (array(object(RoleController), ‘updateAction’), array(object(Role)))
    in kernel.root_dir/bootstrap.php.cache at line 2844
    at HttpKernel ->handleRaw (object(Request), ‘1’)
    in kernel.root_dir/bootstrap.php.cache at line 2818
    at HttpKernel ->handle (object(Request), ‘1’, true)
    in kernel.root_dir/bootstrap.php.cache at line 2947
    at ContainerAwareHttpKernel ->handle (object(Request), ‘1’, true)
    in kernel.root_dir/bootstrap.php.cache at line 2249
    at Kernel ->handle (object(Request))
    in /home/demo/public_html/web/app_dev.php at line 29

    Please let me know how I can fix this.
    Thanks
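
Added example, not part of the original post and not Oro's own code: a decoder for the two numeric masks in the trace above (234881025 and 234881024), showing which access levels carry permission bits. The layout of six bits per level with basic lowest is an assumption inferred from the mask value and the SADECV pattern in the exception message; the rule that an entity without an owner accepts only system-level bits is likewise an assumption drawn from the report.

```python
# Added example: the bit layout is inferred from the trace, not taken from Oro's source.
PERMS = "SADECV"  # letter order printed in the exception's pattern
LEVELS = ("basic", "local", "deep", "global", "system")  # assumed: basic = lowest 6 bits


def decode(mask):
    """Map each access level to its 6-character pattern, e.g. '..DEC.'."""
    out = {}
    for i, level in enumerate(LEVELS):
        bits = (int(mask) >> (6 * i)) & 0x3F
        # Within a group, V is bit 0 and S is bit 5, so letters run high-to-low.
        out[level] = "".join(
            ch if bits & (1 << (5 - pos)) else "." for pos, ch in enumerate(PERMS)
        )
    return out


def render(mask):
    """Rebuild the level part of the pattern string shown in the exception message."""
    d = decode(mask)
    return " ".join(f"{lvl}:{d[lvl]}" for lvl in reversed(LEVELS))


def non_system_levels(mask):
    """Levels below 'system' with any permission bit set.

    Assumption: an entity without an owner only accepts system-level bits,
    so a non-empty result is what validateMask would object to.
    """
    d = decode(mask)
    return [lvl for lvl in LEVELS[:-1] if d[lvl] != "......"]


if __name__ == "__main__":
    for m in ("234881025", "234881024"):  # both values appear in the trace
        print(m, render(m), "->", non_system_levels(m) or "system-level only")
```

Under these assumptions the two masks differ only in the basic-level View bit, which is the bit the pattern in the exception message shows outside the system group.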

Viewing 4 replies - 1 through 4 (of 4 total)