Uploaded image for project: 'Jackrabbit Oak'
  1. Jackrabbit Oak
  2. OAK-3671

Incomplete cleanup of entries in ACL

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.3.12, 1.4
    • Component/s: core
    • Labels:
      None

      Description

      the current base implementation of the JackrabbitAccessControlList present in oak performs some cleanup in order to avoid accumulating a lot of redundant access control entries.

      in the following sequence of ACE the cleanup however is incomplete as the code breaks after the cleanup:

      existing

      • grant jcr:write to principalA
      • deny jcr:read to principalA

      new entry:

      • grant jcr:read to principalA

      the expected outcome would be that the deny entry is removed and the new allow merged with the first entry. instead the deny entry is still present after having merged the new entry into the list.

        Attachments

          Activity

            People

            • Assignee:
              angela Angela Schreiber
              Reporter:
              angela Angela Schreiber
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: