Clarification about Search function

[frommilan]

Hi.

I'm testing OpenKm for the company I work for . In my tests I would allow a user to see just some path and some document of the repository "okm:root" : it was easy, the user can see only 10 of 165 documents loaded.

When the user uses the search function, the same function shows more than 10 documents, for ex. 165, and the user can open them: in my opinion this is not correct. How can I restrict the search result only to 10 documents that I have authorized in read?

Thank you in advance.

[jllort]

if user has grants to only see 10 documents, search engine mandatory only must show 10 documents. If not there's a bug.

Could try reproduce it in our online demo ? if you need administrator grants for doing it tell me and I'll give to you.

[pavila]

Please, post the the steps to reproduce the issue. The most details the better.

[frommilan]

Hi.

In my tests I have defined a user “Benagliaa” and in taxonomy I have defined three folders:
“marketing 2010 km”
"FINANZIAMENTI KM2"
"SITI WEB KM" (sorry for the Italian names !!).

I have loaded, as user okAdmin, a total of 165 files for a demo.

Under folder “marketing 2010 km” there are now 10 files, divided in three sub-folders. The rule for the security is:
UserRole: green mark
Benagliaa: green mark
The rule in the security folder for "FINANZIAMENTI KM2" e "SITI WEB KM" is:
UserRole: red cross
Benagliaa: not indicated

User Benaglia, after the login screen, in the Taxonomy, can see only the folder “marketing 2010 km” with its sub-folders and 10 files: that’s correct, very correct!!!

When user Benagliaa does a search using a key “Offerta” (Offering in English) in the “Name” item, the system lists three file, with “Offerta” in the name, overall three. However these three files are in the folder "SITI WEB KM", and the I expect the system doesn’t show them.

I hope that explication is clear enough. Otherwise I can send you a powerpoint/word file containing printing screens.

Thank you

Gianfranco

[frommilan]

Hi.

Another very sample example found during my tests.

I have used as user the code "Benagliaa". Via user "openKM" I have inserted the same rule for all the three paths positioned under okm:root. , The rule is:
UserRole : red cross

Naturally, when user Benagliaa connects to OpenKM, in Taxonomy he doesn't see any folder. That's correct!!
But if the same user tries to do a search, the system shows all the files matching selection criteria.
In this case I expect not see any files. Is it correct?

It seems that the function "Search" does not examine the security policy imposed.

Best regards

Gianfranco

[pavila]

I'm not sure what yo mean with "UserRole: green mark" and "UserRole: red cross". Which security check box are checked? An screenshot may help.

Which permissions have these three files are in the folder "SITI WEB KM"?

[frommilan]

Sorry,

I have tried to send the requested screenshot, but the mail system says "The extension odp is not allowed" .

How can I send you my screenshots?

Thank you!

Gianfranco

[jllort]

put into a zip file or directly some jpg or gif file

[frommilan]

Hi.

I send you the requested screenshot.

Thanks.

[pavila]

Can you tell me the rights of any of these files that should be listed in the search?

[frommilan]

All the files have the same rights showed in attachment.

[pavila]

As I have seen in the screenshot, the files have read grant for UserRole. So, these files will be accessible from every OpenKM user.

[frommilan]

Ok, thank you very match indeed.