Description of problem:
During keep signing in on Zanata, no action items appears in Actions section on the project after creating the project.
Version-Release number of selected component (if applicable):
1.3 on fedora.zanata.org
Steps to Reproduce:
1.sign in Zanata
2.create the project
3.move into the project created in step 2.
I can see the created projects and my name in the maintainers, and even I can access to the projects through my profile. but no action items appears in Actions.
should appears the appropriate action items there.
It appears after re-signing into Zanata.
As following document shown:
Re-login is essential.
(In reply to comment #2)
> As following document shown:
> Re-login is essential.
That's not a solution but a workaround for the wrong behavior. if re-sign in is
essential, zanata should at least prompt to let users do so such as by expiring
the session and shouldn't allow one playing it around until re-signing in.
Is there a way in Seam to force the reloading of the logged-in users security permissions?
If there is, then we could put in a button to effect that, or we could call it on any page where it will be needed, like a project page.
I couldn't find it in a quick search, but yes, there must be some way of doing it. Ideally we would invalidate the permissions cache whenever the roles are changed. Failing that, we could at least give admins a button to clear the entire cache on demand.
Assigning to Scrum product owner for prioritisation.
This bug is corrected by changes in bug 727789.
The problem was that changes done to the project maintainers were not being reflected in the entities held by the security framework. I changed the way Zanata checks the maintainer status of a user against a project. Instead of checking on the person side, it now checks on the project side, which should have the latest information always, hence no need to log out anymore.
verified in Zanata version 1.6-SNAPSHOT (20120321-1619).
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
Cause: Authorization checks were made by querying the security entity representing the user. However, when a user is made an owner of the project, the user entity is not updated, the project entity is updated. The user entity is only updated when the user logs in.
Consequence: When a user was given ownership of a project, they had to log out and log back in again before Zanata would authorize them as the owner of the project.
Fix: The authorization check is now made by querying the project entity, rather than the user entity.
Result: Users no longer have to log out and log back in again to update their authorizations when they are assigned ownership of a project.