Details

    • Type: Sub-task Sub-task
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.10
    • Component/s: core
    • Labels:
      None

      Description

      as explained in JCR-2963 the version store needs special attention when
      it comes to access control and permissions enforced on the store.

      for oak we need to define mechanisms on how to control access to the
      version store and provide the possibility to limit access to individual
      parts of the version store. some possibilities are already listed in JCR-2963.

      additional topics include:

      • searching for versioned content
      • find and restore versions that have no corresponding versionable node in
        the content tree
      • ability to prevent access to version store altogether without preventing
        access to versions/version histories through JCR version operations

        Issue Links

          Activity

          angela created issue -
          Marcel Reutegger made changes -
          Field Original Value New Value
          Link This issue blocks OAK-168 [ OAK-168 ]
          angela made changes -
          Assignee angela [ anchela ]
          angela made changes -
          Link This issue relates to JCR-2963 [ JCR-2963 ]
          angela made changes -
          Parent Issue OAK-51 [ OAK-51 ] OAK-527 [ OAK-527 ]
          Hide
          angela added a comment -

          currently the implementation covers most of the version store s.str.

          • reading adding version history and versions depends on versionmgt permission on the corresponding versionable node
          • adding intermediate version storage nodes will not be explicitly checked for permissions instead
            the permission validator will check on the version history that is being added (and fail if there is
            not version history).
          • reading intermediate version storage nodes: TODO
          • activities and activity storage: TODO
          • configurations and configuration storage: TODO
          Show
          angela added a comment - currently the implementation covers most of the version store s.str. reading adding version history and versions depends on versionmgt permission on the corresponding versionable node adding intermediate version storage nodes will not be explicitly checked for permissions instead the permission validator will check on the version history that is being added (and fail if there is not version history). reading intermediate version storage nodes: TODO activities and activity storage: TODO configurations and configuration storage: TODO
          Hide
          angela added a comment -

          completing this is currently blocked by the fact that all version mgt is
          currently disabled.

          Show
          angela added a comment - completing this is currently blocked by the fact that all version mgt is currently disabled.
          angela made changes -
          Link This issue blocks OAK-168 [ OAK-168 ]
          angela made changes -
          Link This issue is blocked by OAK-168 [ OAK-168 ]
          Hide
          Julian Reschke added a comment -

          what's the plan for version histories of nodes that have been removed?

          Show
          Julian Reschke added a comment - what's the plan for version histories of nodes that have been removed?
          Hide
          angela added a comment -

          Committed revision 1526174:
          added access eval for configurations and activities resolving todos in the code. currently this cannot be tested as the corresponding features are still missing.

          apart from that i would consider this issue fixed.

          Show
          angela added a comment - Committed revision 1526174: added access eval for configurations and activities resolving todos in the code. currently this cannot be tested as the corresponding features are still missing. apart from that i would consider this issue fixed.
          angela made changes -
          Status Open [ 1 ] Resolved [ 5 ]
          Resolution Fixed [ 1 ]
          Alex Parvulescu made changes -
          Fix Version/s 0.10 [ 12325008 ]
          Hide
          Alex Parvulescu added a comment -

          bulk close for 0.10 release

          Show
          Alex Parvulescu added a comment - bulk close for 0.10 release
          Alex Parvulescu made changes -
          Status Resolved [ 5 ] Closed [ 6 ]
          Transition Time In Source Status Execution Times Last Executer Last Execution Date
          Open Open Resolved Resolved
          316d 4h 12m 1 angela 25/Sep/13 15:43
          Resolved Resolved Closed Closed
          14d 46m 1 Alex Parvulescu 09/Oct/13 16:29

            People

            • Assignee:
              angela
              Reporter:
              angela
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development