jackrabbit-oak-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tomek Rękawek (JIRA) <j...@apache.org>
Subject [jira] [Commented] (OAK-7926) ACLs for the mounted principal should use the mounted permission store
Date Fri, 30 Nov 2018 15:04:00 GMT

    [ https://issues.apache.org/jira/browse/OAK-7926?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16704867#comment-16704867
] 

Tomek Rękawek commented on OAK-7926:
------------------------------------

[~anchela] - sorry for the wrong issue type, my mistake. I don't plan to commit any changes
in the security code without a careful scrutiny from you and [~stillalex].

> ACLs for the mounted principal should use the mounted permission store
> ----------------------------------------------------------------------
>
>                 Key: OAK-7926
>                 URL: https://issues.apache.org/jira/browse/OAK-7926
>             Project: Jackrabbit Oak
>          Issue Type: New Feature
>          Components: security
>            Reporter: Tomek Rękawek
>            Assignee: Tomek Rękawek
>            Priority: Major
>             Fix For: 1.10
>
>
> Right now, the permission store is aware of the mounts configured with the {{MountInfoProvider}}:
adding a ACL for the content stored in a mount will result in creating the {{rep:Permissions}}
in {{/jcr:system/rep:permissionStore/oak:mount-MOUNT-WORKSPACE}} permission store. This path
should be mounted as well. This way the content and its permissions can be mounted together.
See OAK-3777 for more details on this.
> As in OAK-7725, it's also possible to include a {{rep:AuthorizableFolder}} in a mount.
This way, the users created in such folder will be stored in the mounted repository (when
using Composite Node Store). Permissions for such users should be also stored in the mounted
permission store, rather than general one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message