jackrabbit-oak-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "angela (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (OAK-7926) ACLs for the mounted principal should use the mounted permission store
Date Fri, 30 Nov 2018 14:38:00 GMT

    [ https://issues.apache.org/jira/browse/OAK-7926?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16704815#comment-16704815
] 

angela commented on OAK-7926:
-----------------------------

[~tomek.rekawek], since i reopened OAK-7725, i would appreciate if you would not just commit
changes here without prior discussion them with subject matter experts. thanks.

cc: [~stillalex]

> ACLs for the mounted principal should use the mounted permission store
> ----------------------------------------------------------------------
>
>                 Key: OAK-7926
>                 URL: https://issues.apache.org/jira/browse/OAK-7926
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: security
>            Reporter: Tomek Rękawek
>            Assignee: Tomek Rękawek
>            Priority: Major
>             Fix For: 1.10
>
>
> Right now, the permission store is aware of the mounts configured with the {{MountInfoProvider}}:
adding a ACL for the content stored in a mount will result in creating the {{rep:Permissions}}
in {{/jcr:system/rep:permissionStore/oak:mount-MOUNT-WORKSPACE}} permission store. This path
should be mounted as well. This way the content and its permissions can be mounted together.
See OAK-3777 for more details on this.
> As in OAK-7725, it's also possible to include a {{rep:AuthorizableFolder}} in a mount.
This way, the users created in such folder will be stored in the mounted repository (when
using Composite Node Store). Permissions for such users should be also stored in the mounted
permission store, rather than general one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message