jackrabbit-oak-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@adobe.com>
Subject Accessibility of NodeTypes, Privileges and Namespaces
Date Mon, 22 Apr 2013 08:22:22 GMT

in jackrabbit-core node types, namespaces and privileges were stored
separated from the repository content in the file system. accessibility
of that part of the repository was therefore never managed by the
regular item access in jackrabbit.

now, as of oak all of them are stored and accessed in the repository
and are consequently affected by regular item read access which
basically breaks backwards compatibility.

i see the following ways we could address this:

a) setup full read access for the corresponding content trees in oak
b) define separate default access control policies for those trees that
    are present irrespective of the ac policies defined in the content.
    sort of "post-evaluation" rule that always takes effect.

not doing anything and leaving setup of these access rights to the
users doesn't see to be the wright solution to me.

see also https://issues.apache.org/jira/browse/OAK-787

kind regards

View raw message