jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "angela (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (JCR-2999) Access control evaluation does not properly cope with XA transactions
Date Wed, 22 Jun 2011 16:18:49 GMT

     [ https://issues.apache.org/jira/browse/JCR-2999?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

angela resolved JCR-2999.
-------------------------

    Resolution: Fixed

> Access control evaluation does not properly cope with XA transactions
> ---------------------------------------------------------------------
>
>                 Key: JCR-2999
>                 URL: https://issues.apache.org/jira/browse/JCR-2999
>             Project: Jackrabbit Content Repository
>          Issue Type: Bug
>          Components: jackrabbit-core, security, transactions
>            Reporter: angela
>            Assignee: angela
>             Fix For: 2.2.8, 2.3.0
>
>         Attachments: JCR-2999.patch
>
>
> the following test fails with ItemNotFoundException at the indicated position due to
the fact that
> the parent n2 is EXISTING but still not visible to the system session responsible for
the ac
> evaluation.
> public void testTransaction() throws Exception {
>         // make sure testUser has all privileges
>         Privilege[] privileges = privilegesFromName(Privilege.JCR_ALL);
>         givePrivileges(path, privileges, getRestrictions(superuser, path));
>         // create new node and lock it
>         Session s = getTestSession();
>         UserTransaction utx = new UserTransactionImpl(s);
>         utx.begin();
>         // add node and save it
>         Node n = s.getNode(childNPath);
>         if (n.hasNode(nodeName1)) {
>             Node c = n.getNode(nodeName1);
>             c.remove();
>             s.save();
>         }
>         Node n2 = n.addNode(nodeName1);
>         s.save();
>             
>         Node n3 = n2.addNode(nodeName2);
>         s.save(); // exception
>         // commit
>         utx.commit();
>     }
> A possible workaround would be to make sure that ItemSaveOperation.persistTransientItems

> retrieves the parent without having the checkPermission enabled since we can assume that
> the new item could not be added if the parent was not readable in the first place....
but careful
> evaluation would be required.
> NOTE: this is just one example of the AC-evaluation not properly dealing with XA transactions.
> I am convinced that other examples could be find....

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message