jackrabbit-dev mailing list archives

From Angela Schreiber <anch...@day.com>
Subject Re: UserAccessControlProvider, possible issue.
Date Fri, 14 May 2010 06:30:40 GMT
hi ian

> Hi,
> JR core 2.0.0
> In UserAccessControlProvider.compilePermissions(...), if no principal relating to a user
> node can be found, then a set of read-only compiled permissions is provided. That set gives
> the session read-only access to the entire security workspace regardless of path.
>
> If the user node is found, then an instance of UserAccessControlProvider.CompilePermissions
> is used and in UserAccessControlProvider.CompilePermissions.buildResult(...) there is a check
> for no user node. If there is no user node, all permissions are denied regardless of path.
>
> Although the first case will never happen for an installation of Jackrabbit where there
> are no custom PrincipalManagers, I suspect, based on the impl of UserAccessControlProvider.CompilePermissions.buildResult(...)
> was to deny all access to the security workspace where there was no corresponding user node
> in a set of principals.

if this is the case then it is inconsistent and thus a bug.
can you file an issue for that... preferably with a test
illustrating the problem. thanks.

> Has it already been fixed in a later release?

not that i would know of.

regards
angela


