Hide application folder from other users if visibility script could not be evaluated #2689
Description
Environment
- Platform version: tested on 7.1.4 and 7.2-beta1
Description of the bug or enhancement
- Minimal reproducible example
- enable application folders
cuba.web.foldersPaneEnabled = true - create application main window with the top-menu
- login with 'admin'
- open Users-browser and perform search
- save as application folders
- specify some incorrect visibility script
userSession.currentOrSubstitutedUser.login in {'admin', 'user1'}
See here is the intention to show the folder only to 'admin' and 'user1'
- Save
- Login with 'user2'
- Actual behavior
The folder is available for 'user2'
There is no means to check the script in the folder properties,
The user should test it: log in with 'user1' - ensure the folder is available, Then log in by some another user and ensure the folder is not available...
The user finally discovers the problem by viewing app.log (This administartion-screen is hidden from not privileged users).
2020-02-10 10:28:18.678 DEBUG [http-nio-8080-exec-23/app-core/admin] com.haulmont.cuba.core.app.FoldersServiceBean - Loading AppFolders
2020-02-10 10:28:19.004 WARN [http-nio-8080-exec-23/app-core/admin] com.haulmont.cuba.core.app.FoldersServiceBean - Unable to evaluate AppFolder visibility script for folder: id: ea349d80-80f4-e7f9-c0bb-34e7cdc13d69 name: usersAF
org.codehaus.groovy.control.MultipleCompilationErrorsException: startup failed:
Script1.groovy: 2: unexpected token: admin @ line 2, column 48.
ntOrSubstitutedUser.login in {'admin', '
^
- Suggestion
If the visibility script could not be evaluated the folder should be available only for the author (probably createdBy).