jackrabbit-oak-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@adobe.com>
Subject Re: why do we index 'rep%3AGrantACE' ?
Date Wed, 05 Mar 2014 07:48:51 GMT
hi tommaso

but that's something completely different... the query you are referring
to below looks for a user or group whose principalName matches everyone.
no access control involved this time ;-)


On 05/03/14 08:19, "Tommaso Teofili" <tommaso.teofili@gmail.com> wrote:

>also as far as I could see just yesterday, rep:AccessControllable is
>searched when logging in (I was logging into Felix WebConsole on a system
>running Sling and Oak and the query was "SELECT * FROM [rep:Authorizable]
>WHERE [rep:principalName] = $principalName, path=*,
>property=[rep:principalName=everyone]"), I was kind of surprised but
>what I found out.
>2014-03-05 1:58 GMT+01:00 Jukka Zitting <jukka.zitting@gmail.com>:
>> Hi,
>> On Tue, Mar 4, 2014 at 6:36 PM, Tobias Bocanegra <tripod@apache.org>
>> wrote:
>> > which brings the question, why we index those node types in the first
>> > place? I doubt that anyone will search for internal node types.
>> I remember myself searching at least for rep:AccessControllable on
>> various occasions. It's a quick and easy way to locate ACLs within a
>> repository.
>> > shouldn't we exclude all rep:* nodetypes?
>> I think the conflict you're seeing should rather be fixed in some other
>> way.
>> BR,
>> Jukka Zitting

View raw message