Return-Path: X-Original-To: apmail-jackrabbit-users-archive@minotaur.apache.org Delivered-To: apmail-jackrabbit-users-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 8B83B10266 for ; Thu, 12 Sep 2013 13:06:30 +0000 (UTC) Received: (qmail 73110 invoked by uid 500); 12 Sep 2013 13:06:30 -0000 Delivered-To: apmail-jackrabbit-users-archive@jackrabbit.apache.org Received: (qmail 72924 invoked by uid 500); 12 Sep 2013 13:06:29 -0000 Mailing-List: contact users-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@jackrabbit.apache.org Delivered-To: mailing list users@jackrabbit.apache.org Received: (qmail 72916 invoked by uid 99); 12 Sep 2013 13:06:28 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Sep 2013 13:06:28 +0000 X-ASF-Spam-Status: No, hits=2.0 required=5.0 tests=SPF_NEUTRAL,URI_HEX X-Spam-Check-By: apache.org Received-SPF: error (athena.apache.org: encountered temporary error during SPF processing of domain of piccinatto@ibest.com.br) Received: from [216.139.236.26] (HELO sam.nabble.com) (216.139.236.26) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Sep 2013 13:06:24 +0000 Received: from joe.nabble.com ([192.168.236.139]) by sam.nabble.com with esmtp (Exim 4.72) (envelope-from ) id 1VK6ad-0002Pz-MT for users@jackrabbit.apache.org; Thu, 12 Sep 2013 06:05:43 -0700 Date: Thu, 12 Sep 2013 06:05:43 -0700 (PDT) From: hsp To: users@jackrabbit.apache.org Message-ID: <1378991143523-4659526.post@n4.nabble.com> Subject: Granted permission to remove operation MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org I am facing a "issue" in my rules when a user in the session invokes the node.remove(). The api did not call the "isGranted(Path absPath, int permissions)" in this invoke to remove(), but when the user calls session.save() the "isGranted(Path absPath, int permissions)" method is entered but the item/properties is not there anymore and the operation is permited and saved, but the user was not with that permission to remove the node... so, how to check the remove permission when the ItemManager will not find to node to check this (this happens independently if the user has or not the remove permission). I did a call to "checkPermission" before invoke the "remove" as a workaround, but I think the api would check this on demand by the org.apache.jackrabbit.core.security.AccessManager implementation, not??? I am doing my own rules to achieve the rights for the user, and my implementation was based on version 1.4, and now after upgrading to 2.6.3 I needed to adequate the levels of permissions and methods of the interface AccessManager, but it seems that the api changed the way to check the permissions and it is not like in version 1.4 at least for the "node.remove" method. I will apreciate any directions of help, Regards -- View this message in context: http://jackrabbit.510166.n4.nabble.com/Granted-permission-to-remove-operation-tp4659526.html Sent from the Jackrabbit - Users mailing list archive at Nabble.com.