Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-34695

Individual wiki displays edit/view permission error for student users

    Details

    • Database:
      PostgreSQL
    • Testing Instructions:
      Hide

      #. Create a wiki with mode=individual.
      #. Optional: Reduced the session timeout to 5 mins. (site admin > Server > Session handling > sessiontimeout
      #. Log in as a student and enter the course.
      #. Allow yourself to be distracted until the session timeout period has passed.
      #. Click on the wiki activity. You should be redirected to the login page, and after logging in, you should be redirected to the wiki page.
      #. Click the Create page button.

      Make sure you don't get "You can not edit this page" error.

      Show
      #. Create a wiki with mode=individual. #. Optional: Reduced the session timeout to 5 mins. (site admin > Server > Session handling > sessiontimeout #. Log in as a student and enter the course. #. Allow yourself to be distracted until the session timeout period has passed. #. Click on the wiki activity. You should be redirected to the login page, and after logging in, you should be redirected to the wiki page. #. Click the Create page button. Make sure you don't get "You can not edit this page" error.
    • Affected Branches:
      MOODLE_22_STABLE
    • Fixed Branches:
      MOODLE_22_STABLE, MOODLE_23_STABLE
    • Pull from Repository:
    • Pull Master Branch:

      Description

      A problem exists where if by some means a 'group 0, user 0' subwiki (ie. the subwiki normally created for a collaborative non-grouped wiki) is created in a wiki configured for individual mode, any student users who have not yet had their subwiki created will receive a "You can not edit this page" or "You can not view this page" error message if they try to use the wiki activity. This is because the 'group 0, user 0' subwiki is being retrieved for the student instead of a new subwiki being created. Any student who had their subwiki created before the anomalous 'group 0, user 0' subwiki was created is unaffected.

      I'm unable to reproduce this situation through the UI under laboratory conditions, but it has definitely caused breakage in our Production environment and I have attached a demonstration course backup with test users and data that represents the same scenario. Student Alpha and Student Beta have had their subwiki created before the anomalous subwiki was created. Students Gamma and Delta will be unable to create their wiki. Logging in as each student and visiting the wiki in the course will demonstrate the relevant behaviour.

      My patch fixes the problem of the 'group 0, user 0' wiki being fetched and also includes a trap to hopefully help identify the pattern of usage that leads to this anomaly. Only master and MOODLE_22_STABLE have been tested and both exhibit the problem.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Votes:
                5 Vote for this issue
                Watchers:
                9 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  14/Jan/13