Details

    • Type: Sub-task Sub-task
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.10
    • Component/s: core
    • Labels:
      None

      Description

      as explained in JCR-2963 the version store needs special attention when
      it comes to access control and permissions enforced on the store.

      for oak we need to define mechanisms on how to control access to the
      version store and provide the possibility to limit access to individual
      parts of the version store. some possibilities are already listed in JCR-2963.

      additional topics include:

      • searching for versioned content
      • find and restore versions that have no corresponding versionable node in
        the content tree
      • ability to prevent access to version store altogether without preventing
        access to versions/version histories through JCR version operations

        Issue Links

          Activity

          Hide
          angela added a comment -

          currently the implementation covers most of the version store s.str.

          • reading adding version history and versions depends on versionmgt permission on the corresponding versionable node
          • adding intermediate version storage nodes will not be explicitly checked for permissions instead
            the permission validator will check on the version history that is being added (and fail if there is
            not version history).
          • reading intermediate version storage nodes: TODO
          • activities and activity storage: TODO
          • configurations and configuration storage: TODO
          Show
          angela added a comment - currently the implementation covers most of the version store s.str. reading adding version history and versions depends on versionmgt permission on the corresponding versionable node adding intermediate version storage nodes will not be explicitly checked for permissions instead the permission validator will check on the version history that is being added (and fail if there is not version history). reading intermediate version storage nodes: TODO activities and activity storage: TODO configurations and configuration storage: TODO
          Hide
          angela added a comment -

          completing this is currently blocked by the fact that all version mgt is
          currently disabled.

          Show
          angela added a comment - completing this is currently blocked by the fact that all version mgt is currently disabled.
          Hide
          Julian Reschke added a comment -

          what's the plan for version histories of nodes that have been removed?

          Show
          Julian Reschke added a comment - what's the plan for version histories of nodes that have been removed?
          Hide
          angela added a comment -

          Committed revision 1526174:
          added access eval for configurations and activities resolving todos in the code. currently this cannot be tested as the corresponding features are still missing.

          apart from that i would consider this issue fixed.

          Show
          angela added a comment - Committed revision 1526174: added access eval for configurations and activities resolving todos in the code. currently this cannot be tested as the corresponding features are still missing. apart from that i would consider this issue fixed.
          Hide
          Alex Parvulescu added a comment -

          bulk close for 0.10 release

          Show
          Alex Parvulescu added a comment - bulk close for 0.10 release

            People

            • Assignee:
              angela
              Reporter:
              angela
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development