[SLING-2600] Effective ACL servlet returns incorrect information - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: JCR Jackrabbit Access Manager 2.1.0
Fix Version/s: JCR Jackrabbit Access Manager 2.1.2
Component/s: JCR
Labels:
None

Description

The GetEffectiveAclServlet only appears to reflect the permissions on lowest node in the requested hierarchy that has an ACL, rather than aggregating all entries.

Given, e.g., a node structure with the following privileges:

/base
principalA - jcr:write=granted
principalB - jcr:write=granted

/base/child
principalB - jcr:lockManagement=granted

When requesting /base/child.eacl.json, the expected result would be that the privileges granted to both principals on /base would be reflected, in addition to those declared directly on /base/child.

Instead, requests for /base/child.eacl.json and /base/child.acl.json both return:

{
"principalB":

{ "granted": [ "jcr:lockManagement" ], "order": 0, "principal": "principalB" }

}

Attachments

Activity

People

Assignee:: Eric Norman

Reporter:: Dan Freeman

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 14/Sep/12 15:13

Updated:: 20/Sep/19 11:34

Resolved:: 11/Oct/12 04:46