[OAK-766] TreeImpl#*Location: unable retrieve child location if access to parent is denied - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.7
Component/s: core
Labels:
None

Description

as a consequence of ~~OAK-709~~ we now have an issue with the way
SessionDelegate and Root#getLocation access a node in the hierarchy
which has an ancestor which is not accessible.

specifically RootImpl#getLocation will be served a NullLocation for the
first ancestor which is not accessible and consequently any accessible
child node cannot be accessed.

in order to reproduce the issue you may:

change AccessControlConfigurationImpl to use PermissionProviderImpl instead
of the tmp solution
and run o.a.j.oak.jcr.security.authorization.ReadTest#testReadDenied

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

OAK-766-patch.txt
10/Apr/13 12:16
9 kB
Antonio Sanso

Issue Links

blocks

OAK-709 Consider moving permission evaluation to the node state level

Closed

is blocked by

OAK-781 Clarify / fix effects of MISSING_NODE as base state of NodeBuilder

Closed

OAK-798 Review / refactor TreeImpl and related classes

Closed

Activity

People

Assignee:: Michael Dürig

Reporter:: Angela Schreiber

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 09/Apr/13 14:21

Updated:: 21/May/13 11:18

Resolved:: 02/May/13 15:39