Issue with right on XWikiAllGroup on Page and children

Hello,

I’m not sure you will be able to help me but maybe you can give me some clue. It maybe come from my environement somehow and not sure you will be able to reproduce it. If so I will open a jira issue.

I’m using XWiki 10.11.9 but the issue is also present on 12.10.3 for me.

I have some public Wiki on my application. Guest can read main page and subpage, but also Authenticated user ( XWikiAllGroup )

I’m using the property xwiki.authentication.group.allgroupimplicit=1 so every logged are member

This is an exemple of our public content, we are calling our wiki “Collab environement”, it’s not really important but there is also member / editor / admin access to theses collab, for them eveything works they have different right ( they do not depends of XWikiAllGroup ) but a logged user in a public Collab that depend on XWikiAllGroup won’t see theses sub menus

If you go as not logged user you will see every submenu on the left Getting Started Announcement etc … If you are logged you can’t see them

So what I did is with an XWikiAdminGroup account I go to the WebPreference to check the Page and Children right for XWikiAllGroup

I have the same config for unregistred user ( that works )

So to fix my issue I uncheck the view case for XWikiAllGroup and I check it again … And then it works, rights are well apply to XWikiAllGroup and then can see the subpage.

If I compare the version of the WebPreferences before and after the change, never change of course except the number version of the file and the date.

At the end I just unchecked/recheck the view right and it works.

If I restart my tomcat, XWikiAllGroup rights will be broken again and I have to reapply the right again. It’s so weird !

How is this possible ? Do you have any clue ? Thanks !

I finally fixed it !

So this was the issue. I had some spaces that we called Collabs. Theses collabs are listed as Entries in an App Within Minute and there id are store so Collabs.collab-id is the final space.

I have a macro of type XWiki.WikiMacroClass that display theses spaces on the homepage of my Wiki.

In this macro there was this line where collabId is a variable in my AWM entry

#set($collabURL =$xwiki.getDocument("Collabs.$collabId").getUrl())

And at the end, this line in a macro running on the homepage somehow broke the XWIkiRight for parent and children in the mentioned space Collabs.$collabId so at each restart of the tomcat rights of theses spaces is broke and just editing with Admin account an entry in the AWM solved it. at the end we removed this line to replace it by

#set($collabURL = '/bin/view/Collabs/'+$collabId)

Maybe this doesn’t tell you anything. Anyway it solved.

I will try on JIRA to open an issue if I’m able to reproduce this bug in an empty instance of XWiki so I will indicate the step about how to reproduce.

It seems minor and very specific usage, but at the end we was doing something very common just listing some “favorite” wiki (Our Collabs. space) on the homepage and it broke the rights to subpage of theses spaces for everyone except XWikiGuest which was really weird.

We have same kind of issue wirth our skin and overidding of templates.

Exemple the burger menu is hidden in our app, also the left menu and we have a favicon. If I go to our Skin with the admin user and if I save the skin ( without chaning anything ), everything is applied menu is hidden and favicon is present. Then if I restart tomcat left menum, burger menu are back and favicon is gone replaced by the XWiki default one. It looks like the same kind of permission issue caused by one of our macro.

I’m trying hard to reproduce it on a fresh instance of XWiki but it’s not easy to found the real cause …

FYI : We fixed the favicon and theme issue. We have a custom skin HbpSkin.xml in our flavor, he was not applied. Every restart of xwiki favicon and other template overrided was the Skin was ignored !

We though that was caused by theses new classification TechnicalPage contentPages visibleTechnicalPage`

We puth our HbpSkin as visibleTechnicalPage but it didn’t works. If I save the skin in the UI after (editing and saving it even without changhing anything) it was apply but it was not apply anymore at the restart of the tomcat.

At the end I found a very strange fix. Instead of having a terminal page for the Skin HbpSkin.xml I edited it as non-terminal page so a new space HbpSkin.WebHome.xml and then it worked even after restart. The content of the xml didn’t change at all.

I think it’s a very weird issue ansd a very weird workaround. I don’t know the cause but I hope it will help someone.

Could it be that you’ve used the wrong reference to your wiki page, forgetting to put the .WebHome suffix?

Hey do you mean

<xwikidoc version="1.3" reference="Collaboratory.UX.HbpSkin" locale=""> ?

Because yes I did not have the .WebHome now I have it

<xwikidoc version="1.4" reference="Collaboratory.UX.HbpSkin.WebHome" locale="">

So I should put this .WebHome even in a terminal page which is not called WebHome.xml ? For exemple me that was HbpSkin.xml so the reference was juste Collaboratory.UX.HbpSkin

This piece of code was working with 10.11.9 I don’t know if it’s now working as it should or if it’s a regression. But thanks for pointed it !