jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcel Reutegger (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (JCR-3412) UserManager.findAuthorizables() does not work, if session does not have read access to /home
Date Wed, 05 Sep 2012 09:43:07 GMT

    [ https://issues.apache.org/jira/browse/JCR-3412?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13448600#comment-13448600
] 

Marcel Reutegger commented on JCR-3412:
---------------------------------------

You could also extend from the base class of existing authorization tests in jackrabbit-core:
AbstractEvaluationTest.

AFAICS it provides a number of utility methods as well that should allow you to apply access
control on test nodes.
                
> UserManager.findAuthorizables() does not work, if session does not have read access to
/home
> --------------------------------------------------------------------------------------------
>
>                 Key: JCR-3412
>                 URL: https://issues.apache.org/jira/browse/JCR-3412
>             Project: Jackrabbit Content Repository
>          Issue Type: Bug
>          Components: jackrabbit-core, query, security
>    Affects Versions: 2.4
>            Reporter: Tobias Bocanegra
>         Attachments: JCR-3412.patch
>
>
> If the session does not have read access to /home, the UserManager.findAuthorizables()
does not find anything.
> log shows:
> org.apache.jackrabbit.core.query.lucene.DescendantSelfAxisQuery Access denied to node
id d8cbdd0f-4fe1-473f-b452-219a3eb3d867.
> Where as this query works, and returns the user homes the session has read access to:
> /jcr:root//element(*,rep:User)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message