Change Details

## Part 1 - test that no permission redirect happens when user has no permissions, and not happens when user has permissions for action # change code of the `core/admin_templates/languages/email_template_list.tpl` - remove `<inp2:m_if check="m_IsDebugMode"> check around `Add` button # go to {nav User Management > Administrators} # add standard administrator user by entering only required fields - Password and E-mail # log into adm.console with non-root administrative user # switch off debug mode # go to {nav Website & Content > E-mail Templates} # press `Add` button # confirm that happened redirect to the `No Permission` page # go to {nav Website & Content > E-mail Templates} # choose some template in the `E-mail Templates ` grid and press `Edit` button # confirm that opened `Editing E-mail Template` page without any permission errors ## Part 2 - tests that no permissions redirect happens correctly after changes in kCatDBEventHandler::CheckPermission # execute SQL like `DELETE FROM inp_Permissions WHERE Permission = 'in-portal:main_import.view'` # login as non-root administrator user # go to {nav Website & Content > Structure & Data > Products} # go to `Products` tab # press `Tools -> Export` button # confirm that `No Permission` page is shown ## Part 3 - tests that no permissions redirect happens correctly after changes in CategoriesEventHandler::CheckPermission # execute SQL like `DELETE FROM inp_Permissions WHERE Permission = 'in-portal:service.edit'` # login as non-root administrator user # go to {nav Tools > System Tools} # press `Reset` button in the section `Front-end`, in subsection `Reset SMS Menu Cache` # confirm that `No Permission` page is shown ## Part 4 - tests that no permissions redirect happens correctly after changes in AdminEventsHandler::CheckPermission # execute SQL like `DELETE FROM inp_Permissions WHERE Permission = 'in-portal:sql_query.view'` # login as non-root administrator user # go to {nav Tools > Query Database} # press `Run SQL` button in the toolbar # confirm that `No Permission` page is shown ## Part 5 - tests that no permissions redirect happens correctly after changes in ContentEventHandler::CheckPermission # login as non-root administrator user # go to {nav Browse Website} # click on `Content Mode` tab # confirm, that page with `Edit Content` button is shown # execute SQL like `UPDATE inp_Permissions SET PermissionValue = 0 WHERE Permission = 'CATEGORY.MODIFY'`; # click on `Edit Content` button # confirm that `No Permission` page is shown ## Part 6 - tests that no permissions redirect happens correctly after changes in PageRevisionEventHandler::CheckPermission # logout # try go to url like "../admin/index.php?events[page-revision]=OnSave" # confirm that "next_template=no_permission" persists in resulting URL ## Part 7 - tests that no permissions redirect happens when somebody trying to edit link owned by different user # create some link in the adm.console, with root as owner # ensure log-out status on front-end # go to link like `http://localhost/5.2.x/index.php?events[l]=OnMassMoveUp&l[1][LinkId]=on` where 1 is id of created link # confirm that `No Permission` page is shown

## Part 1 - test that no permission redirect happens when user has no permissions, and not happens when user has permissions for action # change code of the `core/admin_templates/languages/email_template_list.tpl` - remove `<inp2:m_if check="m_IsDebugMode"> check around `Add` button # go to {nav User Management > Administrators} # add standard administrator user by entering only required fields - Password and E-mail # log into adm.console with non-root administrative user # switch off debug mode # go to {nav Website & Content > E-mail Templates} # press `Add` button # confirm that happened redirect to the `No Permission` page # go to {nav Website & Content > E-mail Templates} # choose some template in the `E-mail Templates ` grid and press `Edit` button # confirm that opened `Editing E-mail Template` page without any permission errors ## Part 2 - tests that no permissions redirect happens correctly after changes in kCatDBEventHandler::CheckPermission # execute SQL like `DELETE FROM inp_Permissions WHERE Permission = 'in-portal:main_import.view'` # login as non-root administrator user # go to {nav Website & Content > Structure & Data > Products} # go to `Products` tab # press `Tools -> Export` button # confirm that `No Permission` page is shown ## Part 3 - tests that no permissions redirect happens correctly after changes in CategoriesEventHandler::CheckPermission # execute SQL like `DELETE FROM inp_Permissions WHERE Permission = 'in-portal:service.edit'` # login as non-root administrator user # go to {nav Tools > System Tools} # press `Reset` button in the section `Front-end`, in subsection `Reset SMS Menu Cache` # confirm that `No Permission` page is shown ## Part 4 - tests that no permissions redirect happens correctly after changes in AdminEventsHandler::CheckPermission # execute SQL like `DELETE FROM inp_Permissions WHERE Permission = 'in-portal:sql_query.view'` # login as non-root administrator user # go to {nav Tools > Query Database} # press `Run SQL` button in the toolbar # confirm that `No Permission` page is shown ## Part 5 - tests that no permissions redirect happens correctly after changes in ContentEventHandler::CheckPermission # login as non-root administrator user # go to {nav Browse Website} # click on `Content Mode` tab # confirm, that page with `Edit Content` button is shown # execute SQL like `UPDATE inp_Permissions SET PermissionValue = 0 WHERE Permission = 'CATEGORY.MODIFY'`; # click on `Edit Content` button # confirm that `No Permission` page is shown ## Part 6 - tests that no permissions redirect happens correctly after changes in PageRevisionEventHandler::CheckPermission # logout # try go to url like "../admin/index.php?events[page-revision]=OnSave" # confirm that "next_template=no_permission" persists in resulting URL ## Part 7 - tests that no permissions redirect happens when somebody trying to edit link owned by different user # create some link in the adm.console, with root as owner # ensure log-out status on front-end # go to link like `http://localhost/5.2.x/index.php?events[l]=OnMassMoveUp&l[1][LinkId]=on` where 1 is id of created link # confirm that `No Permission` page is shown ## Part 8 - tests that no permissions redirect happens when somebody trying to edit category item (link) under category, where links creation is disabled # log in as non root administrator user # create some link, confirm, that link creation is successful, without "no permission" redirect # open to edit category, in which link was created # on permissions tab of category edit form disable "LINK.ADD" and "LINK.ADD.PENDING" permissions (uncheck "Inherited" and "Access" checkboxes for "Add Link" and "Pending Link" permissions), press `Save` button # try create some link under same category as previous link was created # confirm, that after pressing `Save` while adding new link happens "no permission" redirect ## Part 9 - tests that no permissions redirect happens when somebody trying to edit category owned by different user # log in as non root administrator user # create some category in the administrative console, with current logged in user as owner # confirm that "Up" / "Down" buttons works properly in the administrative console categories grid with just created category, checked for these actions # ensure log-out status on front-end # go to link like `http://localhost/5.2.x/index.php?events[c]=OnMassMoveUp&c[139][CategoryId]=on` where 139 is id of created category # confirm that `No Permission` page is shown

## Part 1 - test that no permission redirect happens when user has no permissions, and not happens when user has permissions for action # change code of the `core/admin_templates/languages/email_template_list.tpl` - remove `<inp2:m_if check="m_IsDebugMode"> check around `Add` button # go to {nav User Management > Administrators} # add standard administrator user by entering only required fields - Password and E-mail # log into adm.console with non-root administrative user # switch off debug mode # go to {nav Website & Content > E-mail Templates} # press `Add` button # confirm that happened redirect to the `No Permission` page # go to {nav Website & Content > E-mail Templates} # choose some template in the `E-mail Templates ` grid and press `Edit` button # confirm that opened `Editing E-mail Template` page without any permission errors ## Part 2 - tests that no permissions redirect happens correctly after changes in kCatDBEventHandler::CheckPermission # execute SQL like `DELETE FROM inp_Permissions WHERE Permission = 'in-portal:main_import.view'` # login as non-root administrator user # go to {nav Website & Content > Structure & Data > Products} # go to `Products` tab # press `Tools -> Export` button # confirm that `No Permission` page is shown ## Part 3 - tests that no permissions redirect happens correctly after changes in CategoriesEventHandler::CheckPermission # execute SQL like `DELETE FROM inp_Permissions WHERE Permission = 'in-portal:service.edit'` # login as non-root administrator user # go to {nav Tools > System Tools} # press `Reset` button in the section `Front-end`, in subsection `Reset SMS Menu Cache` # confirm that `No Permission` page is shown ## Part 4 - tests that no permissions redirect happens correctly after changes in AdminEventsHandler::CheckPermission # execute SQL like `DELETE FROM inp_Permissions WHERE Permission = 'in-portal:sql_query.view'` # login as non-root administrator user # go to {nav Tools > Query Database} # press `Run SQL` button in the toolbar # confirm that `No Permission` page is shown ## Part 5 - tests that no permissions redirect happens correctly after changes in ContentEventHandler::CheckPermission # login as non-root administrator user # go to {nav Browse Website} # click on `Content Mode` tab # confirm, that page with `Edit Content` button is shown # execute SQL like `UPDATE inp_Permissions SET PermissionValue = 0 WHERE Permission = 'CATEGORY.MODIFY'`; # click on `Edit Content` button # confirm that `No Permission` page is shown ## Part 6 - tests that no permissions redirect happens correctly after changes in PageRevisionEventHandler::CheckPermission # logout # try go to url like "../admin/index.php?events[page-revision]=OnSave" # confirm that "next_template=no_permission" persists in resulting URL ## Part 7 - tests that no permissions redirect happens when somebody trying to edit link owned by different user # create some link in the adm.console, with root as owner # ensure log-out status on front-end # go to link like `http://localhost/5.2.x/index.php?events[l]=OnMassMoveUp&l[1][LinkId]=on` where 1 is id of created link # confirm that `No Permission` page is shown ## Part 8 - tests that no permissions redirect happens when somebody trying to edit category item (link) under category, where links creation is disabled # log in as non root administrator user # create some link, confirm, that link creation is successful, without "no permission" redirect # open to edit category, in which link was created # on permissions tab of category edit form disable "LINK.ADD" and "LINK.ADD.PENDING" permissions (uncheck "Inherited" and "Access" checkboxes for "Add Link" and "Pending Link" permissions), press `Save` button # try create some link under same category as previous link was created # confirm, that after pressing `Save` while adding new link happens "no permission" redirect ## Part 9 - tests that no permissions redirect happens when somebody trying to edit category owned by different user # log in as non root administrator user # create some category in the administrative console, with current logged in user as owner # confirm that "Up" / "Down" buttons works properly in the administrative console categories grid with just created category, checked for these actions # ensure log-out status on front-end # go to link like `http://localhost/5.2.x/index.php?events[c]=OnMassMoveUp&c[139][CategoryId]=on` where 139 is id of created category # confirm that `No Permission` page is shown