Hi all,
We running into a (potential) issue with same name siblings and
authorization and I would like to have some feedback before we try to
fix this (if needed at all).
The problem is as follows: we have the following structure:
-content
`news
`newsitem
|- item
`- item
The session has only permissions to read the second sns and not the
first one. I would expect that this session, which sees only one
"item" node would be able to get the node with:
session.getRootNode().getNode("content/news/newsitem/item")
But this will return "null" and similarly the
hasNode(content/news/item/item) will return false. The only way to get
the node seems to be with:
session.getRootNode().getNode("content/news/newsitem/item[2]")
Which is a bit odd, because how can the session know there is more
than one item sibling? Does anybody knows what the spec has to say
about this?
Regards,
Bart
|