Skip to content

Commit 4ea253c

Browse files
gradinarufelixgradinarufelix
committed
BUGFIX: Find nodes in CR without security checks to allow nodes of other workspaces
Backport of #419 to Neos 8.x This wraps the getNodeByIdentifier() call in withoutAuthorizationChecks() to prevent workspace-related authorization checks from failing when indexing nodes that exist in different workspaces. Resolves the error: Node workspace "user-xxx" not found in allowed workspaces (live), this could result from a detached workspace entity in the context.
1 parent 476d3ee commit 4ea253c

1 file changed

Lines changed: 12 additions & 1 deletion

File tree

Classes/Indexer/NodeIndexer.php

Lines changed: 12 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,7 @@
3636
use Neos\ContentRepository\Search\Indexer\AbstractNodeIndexer;
3737
use Neos\ContentRepository\Search\Indexer\BulkNodeIndexerInterface;
3838
use Neos\Flow\Annotations as Flow;
39+
use Neos\Flow\Security\Context as SecurityContext;
3940
use Neos\Utility\Exception\FilesException;
4041
use Neos\Flow\Log\Utility\LogEnvironment;
4142
use Psr\Log\LoggerInterface;
@@ -145,6 +146,12 @@ class NodeIndexer extends AbstractNodeIndexer implements BulkNodeIndexerInterfac
145146
*/
146147
protected $errorStorage;
147148

149+
/**
150+
* @Flow\Inject
151+
* @var SecurityContext
152+
*/
153+
protected $securityContext;
154+
148155
/**
149156
* The current Elasticsearch bulk request, in the format required by https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html
150157
*/
@@ -270,7 +277,11 @@ public function indexNode(NodeInterface $node, $targetWorkspace = null): void
270277
};
271278

272279
$handleNode = function (NodeInterface $node, Context $context) use ($targetWorkspace, $indexer) {
273-
$nodeFromContext = $context->getNodeByIdentifier($node->getIdentifier());
280+
$nodeFromContext = $this->securityContext->withoutAuthorizationChecks(
281+
function () use ($context, $node) {
282+
return $context->getNodeByIdentifier($node->getIdentifier());
283+
}
284+
);
274285
if ($nodeFromContext instanceof NodeInterface) {
275286
$this->searchClient->withDimensions(static function () use ($indexer, $nodeFromContext, $targetWorkspace) {
276287
$indexer($nodeFromContext, $targetWorkspace);

0 commit comments

Comments
 (0)