Bug 102157 - Run CMS in an excursion
Run CMS in an excursion
Product: Red Hat Enterprise CMS
Classification: Retired
Component: other (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Justin Ross
Jon Orris
Depends On:
Blocks: 101458
  Show dependency treegraph
Reported: 2003-08-11 17:10 EDT by Jon Orris
Modified: 2007-04-18 12:56 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2003-10-10 17:21:33 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jon Orris 2003-08-11 17:10:54 EDT
Description of problem:
Run CMS in an excursion so that we can set permissionsDMLChecking to true.
Comment 1 Daniel Berrange 2003-08-12 05:16:27 EDT
All of CMS except the item admin pages already run within a CMSExcursion. Item
admin pages were omitted originally because I didn't want to cause two DB hits -
one loading the ContentItem  in the excursion & the other in the
ItemSelectionModel. Now that we have better caching in persistence there is no
reason why all of CMS can't run within an excursion.

Having said that, this will not be /any/ help wrt to permissionsDMLChecking,
because the fundamental problem is that use of permissions within CMS is not at
all consistent with the semantics required by permissionsDMLChecking. Primarily
this is because the object contexts are not set up on any object except
ContentItems & Folders, and knowing the CMS code I'm sure there other equally
awful problems.
Comment 2 Jon Orris 2003-08-12 12:22:46 EDT
> Having said that, this will not be /any/ help wrt to permissionsDMLChecking

I should've expanded upon the original description a bit. The idea Justin & Rafi
have is to run all CMS requests in a special excursion that disables
permissionsDMLChecking. This would enable us to set this value to true for
portalserver & apps, and yet not break CMS.

We're currently exploring whether this is feasible to get in for Troika final,
or if we'll have to punt to an 6.0.1 and/or Rickshaw release.
Comment 3 Justin Ross 2003-08-13 23:40:33 EDT
Moving to QA ready.  The following changes make CMS code run in a
DML-checking-free zone:

Change 34648 on 2003/08/13 by justin@justin-bumblebee

       For bz 102157, the last instance I could find where CMS code needs to
       run without DML permission checking.

Change 34620 on 2003/08/13 by justin@justin-bumblebee

       Another part of bz 102157. Makes sure the scheduler task runs in a
       kernel excursion disabling DML permission checking.

Change 34617 on 2003/08/13 by justin@justin-bumblebee

       Per bz 102157, this change has the effect of disabling DML permission
       checking anywhere CMSExcursion is used.  This change may be rolled back
       before release.  There's discussion on the ticket about why this is
       You will need to set permissionsDMLChecking to true in order to try
       this out.

As the last message notes, if we run into any significant trouble with these
changes, we're going to role them back.

Note You need to log in before you can comment on or make changes to this bug.