CDS Invenio: Webaccess admin lib bug-fix
March 2nd, 2010 | 
Author: Some days ago I found a bug in webaccess, more precisely when dealing with roles and authorizations which involve special characters.
The bug
Lets suppose I want to restrict the execution of bibedit to role named ‘EditoresTAZ’ (existing role in my repository).
I go to http://my.repository.url/admin/webaccess/webaccessadmin.py/addauthorization
Then select role=’EditoresTAZ’, action=’runbibedit’ and check “connect editoresTAZ to runbibedit for only these argument cases: “.
When I enter a word with accents (i.e. “Trabajos académicos”, the ‘primary collection of a record’ and confirm the creation of the new authorization, there is some issue with accents. If I later check the recently created authorization the stored value for parameter collection is “Trabajos acadmicos” instead of “Trabajos académicos”. I guess this is due to some input character escaping.
The dirty fix
I have checked the accARGUMENT table in database and changed the value to ‘Trabajos académicos’ and the authorizations work fine.
The cool patch
The guys from CDS Support Team have already fixed things and the patch is in their GIT!
Take a look: cds-invenio GIT.
Diffstat (limited to 'modules/webaccess/lib/webaccessadmin_lib.py') (more/less context) (ignore whitespace changes) -rw-r--r-- modules/webaccess/lib/webaccessadmin_lib.py 6 1 files changed, 3 insertions, 3 deletions diff --git a/modules/webaccess/lib/webaccessadmin_lib.py b/modules/webaccess/lib/webaccessadmin_lib.py index ba8d77c..1dde940 100644 --- a/modules/webaccess/lib/webaccessadmin_lib.py +++ b/modules/webaccess/lib/webaccessadmin_lib.py @@ -2638,8 +2638,8 @@ def perform_addauthorization(req, id_role="0", id_action="0", optional=0, revers for key in res_keys: output += '<span class="adminlabel" style="margin-left: 30px;">%s </span>\n <input class="admin_wvar" type="text" name="%s"' % (key, key) try: - val = keywords[key] = cleanstring_argumentvalue(keywords[key]) - if val: output += 'value="%s" ' % (val, ) + val = keywords[key] # = cleanstring_argumentvalue(keywords[key]) + if val: output += 'value="%s" ' % (escape(val, True), ) else: allkeys = 0 except KeyError: allkeys = 0 output += ' /> <br />\n' @@ -2662,7 +2662,7 @@ def perform_addauthorization(req, id_role="0", id_action="0", optional=0, revers keywords = {} else: for key in keys: - text += '<strong>%s</strong>: %s \n' % (key, keywords[key]) + text += '<strong>%s</strong>: %s \n' % (escape(key), escape(keywords[key])) output += createhiddenform(action="addauthorization", text=text,
Working like a charm now 
Related posts:
Posted in CDS Invenio | 
Tags: accARGUMENT, authorization, authorizations, bug, cds, CDS Invenio, fix, git, patch, role, roles, webaccess, webaccessadmin_lib.py