[OAK-2149] Locks are not enforced for content changes - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Resolved
Priority: Major
Resolution: Won't Fix
Affects Version/s: 1.0.19, 1.2.4, 1.3.4
Fix Version/s: None
Component/s: jcr
Labels:
None

Description

Locks are not enforced and do not prevent nodes from being modified by non-lock-owning sessions.

Consider following code excerpt:

Repository repo = ...
String path = "/some/node";

Session session1 = repo.login(new SimpleCredentials("A", "password".toCharArray()));
session1.getNode(path).addMixin("mix:lockable");
session1.save();
LockManager lockManager = session1.getWorkspace().getLockManager();
lockManager.lock(path, true, false, Long.MAX_VALUE, null);

Session session2 = repo.login(new SimpleCredentials("B", "password".toCharArray()));
session2.getNode(path).setProperty("foo", "bar");
session2.save();

User A puts a lock on /some/node. User B is still able to set a property on that node after it has been locked. Instead, this should throw a LockException.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

0001-OAK-2149-Locks-are-not-enforced.patch
07/Aug/15 10:52
4 kB
Robert Munteanu

Issue Links

is duplicated by

OAK-2244 Content can be changed by users who do not own the lock

Resolved

Activity

People

Assignee:: Unassigned

Reporter:: Damien Obrist

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 29/Sep/14 10:51

Updated:: 08/Mar/18 10:18

Resolved:: 08/Mar/18 10:18