jackrabbit-oak-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Dürig (JIRA) <j...@apache.org>
Subject [jira] [Assigned] (OAK-1998) Accessible tree below a non-accessible parent are HiddenTree
Date Tue, 29 Jul 2014 15:25:38 GMT

     [ https://issues.apache.org/jira/browse/OAK-1998?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Michael Dürig reassigned OAK-1998:
----------------------------------

    Assignee: Michael Dürig

> Accessible tree below a non-accessible parent are HiddenTree
> ------------------------------------------------------------
>
>                 Key: OAK-1998
>                 URL: https://issues.apache.org/jira/browse/OAK-1998
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 1.0, 1.0.1, 1.0.2, 1.0.3
>            Reporter: angela
>            Assignee: Michael Dürig
>            Priority: Critical
>             Fix For: 1.0.4
>
>         Attachments: OAK-1998_(tests).patch
>
>
> fixing OAK-1441 introduced a regression with respect to trees that are accessible though
one of their parent nodes isn't. The problem is that the fix for OAK-1441 doesn't distinguish
between 'hidden' trees and trees that are not accessible.
> - Hidden Trees: the complete subtree defined by the tree starting with ":" must be hidden
irrespective of the access control setup. example: Index.
> - Non-Accessible Tree: This is a matter of access control setup and it might be that
a child node is readable again. Example: the version store is not accessible by default but
the individual version histories (and versions) are accessible if the corresponding versionable
node is.
> The second use case is broken due to the missing distinction and the fact the a HiddenTree
always makes a child node hidden.
> Proposed solution: I think we have to make a clear separation between hidden trees and
trees that are not accessible and which are not hidden.
> the former defines a complete tree that is hidden (current approach is correct) but for
the latter we need proper permission evaluation upon access... these nodes must not be "HiddenTree"s.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message