jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dominique Pfister (JIRA)" <j...@apache.org>
Subject [jira] Commented: (JCR-224) Lock: Session.addLockToken(String) does make the session to a lock holder
Date Tue, 27 Sep 2005 13:40:48 GMT
    [ http://issues.apache.org/jira/browse/JCR-224?page=comments#action_12330587 ] 

Dominique Pfister commented on JCR-224:
---------------------------------------

Well, I'm afraid, I don't remember that discussion and obviously it did not make it into the
specification. 

Fact is: there can only be one session holding a lock (that is: be the lock holder). I don't
consider it very safe to silently withdraw a lock token from one session if some other session
adds the same lock token which apparently is what you are suggesting.

> Lock: Session.addLockToken(String) does make the session to a lock holder
> -------------------------------------------------------------------------
>
>          Key: JCR-224
>          URL: http://issues.apache.org/jira/browse/JCR-224
>      Project: Jackrabbit
>         Type: Bug
>   Components: locks
>     Reporter: angela

>
> JSR170 says:
> Lock.getLockToken(): 
> "May return the lock token for this lock. If this Session holds the lock token for this
lock, then this method will return that lock token. If this Session does not hold the applicable
lock token then this method will return null."
> Session.addLockToken(String lt):
> "Adds the specified lock token to this session. Holding a lock token allows the Session
object of the lock owner to alter nodes that are locked by the lock specified by that particular
lock token."
> and:
> "Note that, as mentioned above, any user with the correct lock token assumes the power
to remove a lock and alter nodes under that lock. It does not have to be the lock owner."
> If i remember the discussion regarding the locking correctly, it was decided, that the
locktoken is turned to any session, that contains the proper token. And: the Lock.getLockToken()
is the only way to find out, whether a given session is allowed to modify a locked node (in
contrast to the isLocked() method). 
> I have the impression, that the current implementation does not respect this:
> Lock.getLockToken() passes the call to the LockInfo object. The latter performs the following
check:
> public String getLockToken(Session session) {
>         if (session.equals(lockHolder)) {
>             return lockToken.toString();
>         }
>         return null;
>     }
> where the lockHolder is set to a particular session in consequence to Session.addLockToken
but only if the lockHolder is null... otherwise the call it is ignored (LockManagerImpl line
468). 
> however, from the above quotes, i would rather expect, that the method should check,
if the given Session holds the lockToken associated with this lock. 
> regards
> angela

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message