In SecurityClass.inc it is possible to get the warnings:
warning: Invalid argument supplied for foreach() in /var/www/sites/all/modules/fedora_repository/SecurityClass.inc on line 84.
warning: Invalid argument supplied for foreach() in /var/www/sites/all/modules/fedora_repository/SecurityClass.inc on line 89.
These happen when the XACML policy doesn't contain any roles or users.
The SecurityClass module does a naive search of an XACML policy to
pull out the users and roles listed. Assuming that they are who
can edit the object. With certain policies this was failing, and
only returning the users, not the roles. This became a problem
with the XACML editor in use because this class was used more often.
I updated the XPATH expressions that it uses to find the users and
roles, so it should find them in all cases now. We should update
the security class to call the more precise XACML class first and
only fall back on the security class if XACML fails to parse the
file, however this would mean moving the XACML stuff into core.
The current breadcrumb calculation takes the first <dc:title> tag in the DC
datastream. The sorting order of the <dc:title> tags (in the case of more than
one tag) has empty tags appearing as the first items to be selected by the
query. This fix alters the query to change the sort order to make empty tags
the last items to be selected and thus, if a non-empty tag exists it will be
selected as the name of the breadcrumb.
There is also a problem with the breadcrumb query processing that will attempt
to process failed queries. The test for failure was incorrect and allowed some
failed queries to be treated as successes. This resulted in recursively
calling the breadcrumb processing an additional 10 times and failing each time.
This resulted in 10 '>' symbols instead of an error message. This fix tests
for falure and puts up an error message in the breadcrumb trail.
The breadcrumb calculation should be rewritten to be more robust.
Alan Stanley