Forum OpenACS Development: Re: Login timeout problem in 5.0

Collapse
Posted by Dave Bauer on
It's almost 4 years later and this is still not really resolved :)

Here is what I learned today.

permission::permission_p will call auth::require_login if you have an expired session and the privielge that is being checked is not granted to the public.

This can cause unexpected requests to login to view a public page (say a weblog) if your session has expired.

This happens when the code contains something like this

set admin_p [permission::require_permission \
    -object_id [ad_conn package_id] \
    -party_id [ad_conn user_id] \
    -privilege admin

If the public does not have admin on the requested object BUT the untrusted user (user_id of expired session) does have admin the user will be redirected to login.

It doesn't make sense to require to user to login just to view the link. This is what Lars mentioned in the original post.

It appears permission_p calls auth::require_login because permisison::require_permission calls permission_p.

In any case. if you are calling permisison_p frm within a user tcl script it doesn't make sense to require login just to view a link etc. The script should call 1) auth::require_login and/or 2) permission::require_permission to require a certain permission to view the page.

One solution might be
adding a switch to permission::permission_p -require_login that is used by permission::require_permission that forces the login, but uses ot permission::permission_p to just return the boolean to present a admin link would not force a login.

Any comments?

Collapse
Posted by Malte Sussdorff on
Yes, I reported that problem some time ago and you already mentioned the problem back then and I totally agree it needs fixing. We can either have a user cookie and expire that one as well, or we just fix permission_p (or whatever you would like to fix in what variety).
Collapse
Posted by Don Baccus on
Seems reasonable as long as the RP uses require_permission (or the switch) to enforce admin-only access to admin pages.

(I'm too tired after flying home from madrid to look right now)