Send Email sub-action doesn't set the current user to $dotcontent viewtool #28352
Labels
dotCMS : Workflow
LTS : Next
Ticket that will be added to LTS
OKR : Customer Success
Owned by Arno
OKR : Customer Support
Owned by Scott
QA : Approved
Release : 24.05.13
Bug Fixing
Team : Bug Fixers
Triage
Type : Defect
Parent Issue
No response
Problem Statement
Users can include velocity code in the body field for the Send Email actionlet so the workflow action executes the velocity code to build the email body. However, the $dotcontent viewtool methods are executed with the 'anonymous' user instead of the current user that executed the workflow action, causing that the $dotcontent.find() method cannot retrieve the current contentlet. This only happens if current contentlet is not public, meaning that the anonymous user doesn't have permissions to access the content.
Steps to Reproduce
Acceptance Criteria
The $dotcontent viewtool should use the current user that executed the workflow when executing the velocity code for Email body in the Send Email actionlet. The $dotcontent.find() method should return the requested contentlet given that the current user the executed the action has read permissions for the content.
dotCMS Version
24.04.16
The text was updated successfully, but these errors were encountered: