allowedRolesAndUsers: View or Access contents information?

[erral]

I want to raise again the discussion that happened in the closed #2723 PR regarding the use of Access contents information permission in the Catalog filtering instead of View.

In that discussion it was said that it is better to have a new issue and discuss it here instead of discussing there.

The whole point is that the catalog patch was modified in order to check for Access contents information permission instead of View when doing the catalog request.

It looks like the change was made in order to be able to query for metadata of content that the user is not allowed to View, contrary to the docstring of the said function itself.

I also think that the PR was wrong.

@rber474

[rber474]

As an expansion to what @erral pointed:

A private website, where some contents can indeed be published for anonymous users, has defined a workflow in which, when in a published state, only authenticated users have access to the content.
In the published workflow state, it is defined that "Access contents information" and "View" are not associated with "Anonymous".

However, if the index "allowedRolesAndUsers" uses the permission "Access contents information", catalog searches will return results. For example, if there is a portlet displaying such content, the anonymous user shouldn't obtain it, but does.

Another example is navigation; if a user doesn't have access to a content, they shouldn't be able to see it in the menu.

Basically, actual behaviour acts as an unrestrictedSearch.