jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Parvulescu (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (JCR-3412) UserManager.findAuthorizables() does not work, if session does not have read access to /home
Date Tue, 04 Sep 2012 15:18:07 GMT

     [ https://issues.apache.org/jira/browse/JCR-3412?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Alex Parvulescu updated JCR-3412:
---------------------------------

    Attachment: JCR-3412.patch

I'm having a bit of trouble building a proper test for this issue.

I see no way to remove read access to the folder that is the home of the acl config (what
I'm assuming is refered to as "/home")
There are no ACLs on the node, all the tests I've seen in jr-core assume there is some kind
of ACL list that can be tweaked.

Also, I find the fact that all the ACL config is created in the "security" workspace confusing,
it took some time to figure that one out :)

I'm attaching what I have so far (patch against jackrabbit-core).

feedback is much appreciated.




                
> UserManager.findAuthorizables() does not work, if session does not have read access to
/home
> --------------------------------------------------------------------------------------------
>
>                 Key: JCR-3412
>                 URL: https://issues.apache.org/jira/browse/JCR-3412
>             Project: Jackrabbit Content Repository
>          Issue Type: Bug
>          Components: jackrabbit-core, query, security
>    Affects Versions: 2.4
>            Reporter: Tobias Bocanegra
>         Attachments: JCR-3412.patch
>
>
> If the session does not have read access to /home, the UserManager.findAuthorizables()
does not find anything.
> log shows:
> org.apache.jackrabbit.core.query.lucene.DescendantSelfAxisQuery Access denied to node
id d8cbdd0f-4fe1-473f-b452-219a3eb3d867.
> Where as this query works, and returns the user homes the session has read access to:
> /jcr:root//element(*,rep:User)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message