Error when the user attempts to upload a document into a folder it has permission, but doesn'n in the folder's parents

[douglascrp]

When an user is given the permission to write into a single folder inside of folder structure, but without permission into the higher levels in the structure, the allowed-content-types webscript fails in the line below https://github.com/softwareloop/uploader-plus/blob/master/repo/src/main/amp/config/alfresco/templates/webscripts/com/softwareloop/uploader-plus/allowed-content-types.get.js#L40

The problem is that the code is trying to access the hasAspect function in a node where the user has no permission.

[yregaieg]

@douglascrp IMHO the required behavior is to fail to load the config if it is part of a folder the current user does not have any permission over. So, I would suggest to switch from JS implementation to Java implementation, run the code to resolve parents as system (probably use lower level services to avoid unecessary auditing), and discard (ignore) any setting on a node the fully authenticated user does not have permissions over and continue resolving parents

[douglascrp]

@yregaieg That is exactly what I thought, but I could not find the time to work on this.