jackrabbit-oak-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jukka Zitting <jukka.zitt...@gmail.com>
Subject Re: Accessibility of NodeTypes, Privileges and Namespaces
Date Mon, 22 Apr 2013 11:37:08 GMT

On Mon, Apr 22, 2013 at 2:14 PM, Angela Schreiber <anchela@adobe.com> wrote:
> that's basically my proposal a) but i am not totally sure if that's
> the best solution... in particular it will not work if someone
> would deny read-access to a 'user' on the root node...

Wouldn't an ACL on the /jcr:system subtree override one on the root node?

> in addition
> i am not sure, if we really want to have full/regular ac-evaluation
> for those trees...

I don't see much harm in having them under normal access control. Did
you have something specific in mind? On the contrary, avoiding a
special case for this should help keep the relevant code simple.


Jukka Zitting

View raw message