Uploaded image for project: 'Jackrabbit Oak'
  1. Jackrabbit Oak
  2. OAK-5931

Inconsistent behaviour when removing nodes with rep:policy subnodes for users without modify ACL permissions

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Not A Bug
    • Affects Version/s: 1.4.14, 1.6.1
    • Fix Version/s: None
    • Component/s: core
    • Labels:
      None

      Description

      If a session (without rep:modifyAccessControl) removes a node with a rep:policy subnode and then recreates it within the same save (without the rep:policy subnode) the commit diff will mistake the action for the removal of the ACL, which this session is not authorised to do.

      If the session is saved prior to recreating the node, both saves (after remove and after recreate) will succeed.

      From discussion with angela:

      the diff mechanism used within Root.commit cannot distinguish between the removal of a policy or the replace of the access controlled node with one that doesn't have the policy set. within that diff it looks like the removal of the policy node

        Attachments

        1. ACLTest.java
          3 kB
          Tom Blackford

          Activity

            People

            • Assignee:
              angela angela
              Reporter:
              rma61870@adobe.com Tom Blackford
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: