Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
Servlets Post 2.0.2
-
None
Description
If you set a single value Proeprty with a Post handled by the PostServlet,
the related property is removed first and than the value is set.
While the effect is the desired change of the Property's value, it has side-effects.
Et least the connected session has to have remove-privilege to set the property.
Eventing may be unexpected, and other may result.
Example:
String path = "/content/node1";
String pName = "property1";
Node node = (Node) session.getRootNode().getIem(path);
try {
session.checkPermission(path+"/"+pName, "set_property")
//==allowed
} catch (AccessControlException) {
}
But
POST "/content/node1"
property1=test
=> AccessDenied