[OAK-8276] OR-CompositeTreePermission.grantsPermission should loop over aggregates of supported permissions - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.14.0
Component/s: core, security
Labels:
None

Description

stillalex, issue as discussed in person: while working on ~~OAK-8269~~ and the missing tests for the ORing CompositeTreePermission i noticed the following issue in grantsPermission: after obtaining the supported permissions the code loops over the individual permissions aggregated. but passes the original permission instead of the supported ones which potentially only include a subset.

the affected code inside the method looks as follows:

            long supported = providers[i].supportedPermissions(tp, property, permissions);
            if (doEvaluate(supported)) {
                if (compositionType == AND) {
                   [...]
                } else {
                    for (long p : Permissions.aggregates(permissions)) {    // <==== issue line 221 
                        [...]
                    }
                }
            }

IMO the code at line 221 should rather be as follows:

for (long p : Permissions.aggregates(supported)) {

i will go ahead fix it along with a test case that illustrates the issue.

Attachments

Issue Links

relates to

OAK-8269 Improve readability of CompositePermissionProvider and CompositeTreePermission

Closed

Activity

People

Assignee:: Angela Schreiber

Reporter:: Angela Schreiber

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 25/Apr/19 08:57

Updated:: 11/Jun/19 10:51

Resolved:: 25/Apr/19 09:22