Uploaded image for project: 'Jackrabbit Oak'
  1. Jackrabbit Oak
  2. OAK-2015

PermissionStore doesn't reflect dynamic nature of jcr:all

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.0
    • 1.0.9, 1.1.0
    • core
    • None

    Description

      the following test will fail with the current implementation of the permission store:

      @Test
    public void testJcrAllWithCustomPrivileges() throws Exception {
        Node testNode = session.getRootNode().addNode("test");
        String testPath = testNode.getPath();

        AccessControlUtils.grantAllToEveryone(session, testPath);
        session.save();

        JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) session.getAccessControlManager();
        Privilege[] allPrivileges = AccessControlUtils.privilegesFromNames(session, Privilege.JCR_ALL);
        Set<Principal> principalSet = ImmutableSet.<Principal>of(EveryonePrincipal.getInstance());

        assertTrue(acMgr.hasPrivileges(testPath, principalSet, allPrivileges));
        org.junit.Assert.assertArrayEquals(allPrivileges, acMgr.getPrivileges(testPath, principalSet));

        privilegeManager.registerPrivilege("customPriv", false, null);

        assertTrue(acMgr.hasPrivileges(testPath, principalSet, allPrivileges));
        org.junit.Assert.assertArrayEquals(allPrivileges, acMgr.getPrivileges(testPath, principalSet));
    }

      the issue is caused by the current implementation of the PermissionStore and the PermissionStoreEditor, which do not reflect the dynamic nature of jcr:all upon reading/writing entries from the permission store.

      Attachments

        1. OAK-2015.patch
          26 kB
          Angela Schreiber

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. OAK-2255 PermissionStoreImpl refresh root on flush

          • Major - Major loss of function.
          • Closed
          requires

          Sub-task - The sub-task of the issue OAK-1448 Tool to detect and possibly fix permission store inconsistencies

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              angela Angela Schreiber
              angela Angela Schreiber
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: