Bug 8266 - Editors receiving reviewer notifications get incorrect URLs
Editors receiving reviewer notifications get incorrect URLs
Status: RESOLVED WONTFIX
Product: OJS
Classification: Unclassified
Component: Editors
2.4.3
All All
: P3 normal
Assigned To: Jason Nugent
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-06-18 16:33 PDT by Alec Smecher
Modified: 2013-09-10 09:23 PDT (History)
2 users (show)

See Also:
Version Reported In:
Also Affects:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alec Smecher 2013-06-18 16:33:01 PDT
See http://pkp.sfu.ca/support/forum/viewtopic.php?f=8&t=10133 for details. The problematic line of code appears to be NotificationManager.inc.php line 70 (in OJS 2.4.2).
Comment 1 Jason Nugent 2013-09-04 07:01:35 PDT
Hi Alec,

Looking at this bug a bit more, the notification manager builds the url based on a call to _getCachedRole() which in turn looks at either privilegedRoles() or _getHighestPrivilegedRolesForArticle() for that user.  The bug report indicates that a journal editor is getting a link with 'reviewer' as the role, which seems to indicate that highest privileged role isn't the one being returned.  

This code also seems to make the assumption that the page op being included in the url exists in the handlers for all possible roles.
Comment 2 Alec Smecher 2013-09-04 08:57:21 PDT
Yes, I think that captures the bug. That code is a liability, and already gone for OJS 3.0a, but we ought to be able to patch this particular hole without too much work.
Comment 3 Jason Nugent 2013-09-10 09:23:28 PDT
This bug appears to have been fixed in this commit:

https://github.com/pkp/ojs/commit/faa31d7fa99c27277483220e037b4f2fafc92f30#diff-11

Previously, notifications were being created for all users associated with an article. This would have generated incorrect URLs in certain conditions.  Users with older installations may still have incorrect notifications in their database, but upgraded installations will not generate incorrect ones any more.