jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tobias Bocanegra <tri...@apache.org>
Subject Re: Can't move node - AccessDeniedException
Date Mon, 12 Aug 2013 19:12:24 GMT
Hi,

the subject for the session is calculated on login. in your case, bob
does not have the 'group' principal in his session, thus not having
the permissions added for that group. AFAIK, the only way is to
re-login. you can try to "clone" the session, by impersonating the
user to himself - but I don't know if this works ootb.

regards, toby

On Mon, Aug 12, 2013 at 10:49 AM, Robert Haycock
<Robert.Haycock@artificial-solutions.com> wrote:
> Hi,
>
> My app....
>
> -          Logs on as "bob"
>
> -          Creates a node "myRoot".
>
> -          Creates a group (as admin).
>
> -          Adds a user "bob" to that group (as admin).
>
> -          Grants the following privileges to the node/group (as admin):
> Privilege.JCR_WRITE,
> Privilege.JCR_VERSION_MANAGEMENT
> Privilege.JCR_NODE_TYPE_MANAGEMENT
> Privilege.JCR_LOCK_MANAGEMENT
>
> -          Creates a tree of nodes under "myRoot" node (back as bob).
>
> -          Tries to move one of the child nodes
>
> -          Fails with AccessDeniedException
>
> When I debug  isGranted(srcPath, Permission.REMOVE_NODE) returns false (SessionMoveOperation:163)
but when I create a little app to do the same it returns true.
>
> Is this because the privileges were assigned after "bob" logged on? If so, is there a
way to refresh the session without having to log on again?
>
> Thanks,
>
> Rob.

Mime
View raw message