Return-Path: 
 <oak-dev-return-2806-apmail-jackrabbit-oak-dev-archive=jackrabbit.apache.org@jackrabbit.apache.org>
X-Original-To: apmail-jackrabbit-oak-dev-archive@minotaur.apache.org
Delivered-To: apmail-jackrabbit-oak-dev-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 2F6CB9E6B
	for <apmail-jackrabbit-oak-dev-archive@minotaur.apache.org>;
 Wed, 24 Oct 2012 11:33:00 +0000 (UTC)
Received: (qmail 98734 invoked by uid 500); 24 Oct 2012 11:33:00 -0000
Delivered-To: apmail-jackrabbit-oak-dev-archive@jackrabbit.apache.org
Received: (qmail 98613 invoked by uid 500); 24 Oct 2012 11:32:58 -0000
Mailing-List: contact oak-dev-help@jackrabbit.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:oak-dev-help@jackrabbit.apache.org>
List-Unsubscribe: <mailto:oak-dev-unsubscribe@jackrabbit.apache.org>
List-Post: <mailto:oak-dev@jackrabbit.apache.org>
List-Id: <oak-dev.jackrabbit.apache.org>
Reply-To: oak-dev@jackrabbit.apache.org
Delivered-To: mailing list oak-dev@jackrabbit.apache.org
Received: (qmail 98570 invoked by uid 99); 24 Oct 2012 11:32:57 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Oct 2012 11:32:57 +0000
X-ASF-Spam-Status: No, hits=-0.7 required=5.0
	tests=RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of jukka.zitting@gmail.com
 designates 209.85.212.42 as permitted sender)
Received: from [209.85.212.42] (HELO mail-vb0-f42.google.com) (209.85.212.42)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Oct 2012 11:32:50 +0000
Received: by mail-vb0-f42.google.com with SMTP id fs19so953198vbb.1
        for <oak-dev@jackrabbit.apache.org>;
 Wed, 24 Oct 2012 04:32:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :content-type;
        bh=6Nr6Ero6ojDNNhT1eLUlPL2kX5XPpQmim1O76AHmXeg=;
        b=NtVwDfLPXmeBgeNJimE5OS7s4ggXPGTbkeKOKUb+jWDzScXCBfDFjjbzWf9JhF3Chy
         MJCy8s0bUrfXb+LMDiQPSnONxGTlivGabTHVhRaloZcLwKYuJd0Ch2Jz300slsqEDfu0
         8mURpZcbE8uXjPiHqDZ3smQ8md9il8bENaiW+d2d8/O08ZxyzHXp0woplPEuLtSiFe+R
         iUOqIIxbbLp8TqzsrCAwoaeytCVxAwQbg3tsKXIbmCy7+xdJf9tu5xAEllAff1KB8ixU
         pWXlJM3jHLAB1vGBR5hs0gQom5bIXtW0GK+mwirHL1WucC6OIF6mwJpFQ35u61qGz2/k
         wv8Q==
Received: by 10.59.8.133 with SMTP id dk5mr28749007ved.19.1351078349779; Wed,
 24 Oct 2012 04:32:29 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.58.132.226 with HTTP; Wed, 24 Oct 2012 04:32:09 -0700 (PDT)
In-Reply-To: <5087C335.5060009@adobe.com>
References: <20121024073303.643D42388A29@eris.apache.org>
 <50879C9A.2080400@apache.org>
 <5087A5CF.20807@adobe.com> <5087A9A2.8070408@apache.org>
 <5087AE81.3090805@adobe.com>
 <CAOFYJNbfh3HQcRG3JYxwT7k4H49HYYcNkRMvntEZyvc6xMzjTQ@mail.gmail.com>
 <5087C335.5060009@adobe.com>
From: Jukka Zitting <jukka.zitting@gmail.com>
Date: Wed, 24 Oct 2012 13:32:09 +0200
Message-ID: 
 <CAOFYJNbKvCcqroTxuNyZ2kx7a6z+QKLOBgLgROdXEzATrDPo0A@mail.gmail.com>
Subject: Re: BlobFactory (was Re: svn commit: r1401571 - in
 /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/api:
 BlobFactory.java Root.java)
To: oak-dev@jackrabbit.apache.org
Content-Type: text/plain; charset=ISO-8859-1
X-Virus-Checked: Checked by ClamAV on apache.org

Hi,

On Wed, Oct 24, 2012 at 12:30 PM, Angela Schreiber <anchela@adobe.com> wrote:
> - is the content ID of those binaries exposed somewhere?

IMO it shouldn't be exposed to clients.

> - is there an alternative way of accessing such an binary except
>   for regular property-access which was controlled by access control?

No, not beyond the session that created the binary.

> - how is the http-binding of such an binary?

A remote client should only be able to read a binary through the
containing property. The access controls on that property limit who
can access the binary.

> - how do we deal with binaries that are not associated with an
>   existing property? are they accessible somewhere/somehow? and if
>   so by whom?

Such binaries should only be accessible by the session that created them.

> - is there a way of searching the binary-store by other means that
>   executing a regular jcr/oak search on the content tree?

No.

> - can we prevent some sessions from writing to the binary-store
>   altogehter? if we can't what are the implications?

I guess we could, though I think the easiest way to do that would be
to have some special "upload binary" permission that's granted by
default but can be explicitly denied for a particular user or a
session.

> - is there way of reverting change made to the binary store without
>   having to wait for garbage collection? who would be in charge
>   of doing so? what was the interface to do that?

One could always trigger a new garbage collection run. Alternatively,
if we modify the MicroKernel API accordingly, it could be possible for
the backend implementation to tie new binaries to the sessions that
created them so that when the session is closed any binaries that
didn't get added to the content tree could be automatically released.

BR,

Jukka Zitting