jackrabbit-oak-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jukka Zitting <jukka.zitt...@gmail.com>
Subject Re: Accessibility of NodeTypes, Privileges and Namespaces
Date Mon, 22 Apr 2013 09:02:53 GMT

On Mon, Apr 22, 2013 at 11:22 AM, Angela Schreiber <anchela@adobe.com> wrote:
> now, as of oak all of them are stored and accessed in the repository
> and are consequently affected by regular item read access which
> basically breaks backwards compatibility.

Note that the commit hooks and things like search indices work below
access controls, so they can in any case see the full /jcr:system
subtree and any repository metadata stored there.

The only bits that would be affected in the odd case where an
administrator would deny read access to something like the
/jcr:system/jcr:nodeTypes subtree would be the JCR-level
NodeTypeRegistry implementation and related methods. That might well
break some clients, but so would an administrator explicitly modifying
the builtin nodetypes file in Jackrabbit 2.x.

So at best I'd simply document that to keep an Oak repository
backwards compatible and JCR compliant, one shouldn't apply extra read
access controls on the repository metadata stored under /jcr:system.
There shouldn't be any need to explicitly enforce that in code.

If needed, I wouldn't be opposed to having an explicit access control
entry in /jcr:system that grants everyone read access to that subtree,
excluding version histories and other sensitive areas that in any case
are handled separately. Ideally I don't think that should be needed
though, as IMO content should be readable by default, unless
explicitly denied by access control.


Jukka Zitting

View raw message