jackrabbit-oak-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tommaso Teofili (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (OAK-2473) ACL checks on suggestions
Date Fri, 06 Feb 2015 14:26:34 GMT

    [ https://issues.apache.org/jira/browse/OAK-2473?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14309213#comment-14309213
] 

Tommaso Teofili edited comment on OAK-2473 at 2/6/15 2:25 PM:
--------------------------------------------------------------

the approached discussed offline with [~chetanm] and [~tmueller] is to run the suggest query
unfiltered and then to run another full text query for each of the returned suggestion with
the suggested term / phrase to check if the calling user is allowed to read at least one of
the resulting nodes.
Possible implementations are:
- in the query engine, pros: generic implement once, cons: possibly complex to run reentrant
queries, not possible to leverage any index specific capability
- in the index implementations, pros: possible to leverage specific index implementations,
easier to run multiple queries in one JCR / Oak query, cons: need to implement ACL check mechanism
for suggestion per index


was (Author: teofili):
the approached discussed offline with [~chetanm] and [~tmueller] is to run the suggest query
unfiltered and then to run another query for each of the returned suggestion to check if the
calling user is allowed to read at least one of the resulting nodes.
Possible implementations are:
- in the query engine, pros: generic implement once, cons: possibly complex to run reentrant
queries, not possible to leverage any index specific capability
- in the index implementations, pros: possible to leverage specific index implementations,
easier to run multiple queries in one JCR / Oak query, cons: need to implement ACL check mechanism
for suggestion per index

> ACL checks on suggestions
> -------------------------
>
>                 Key: OAK-2473
>                 URL: https://issues.apache.org/jira/browse/OAK-2473
>             Project: Jackrabbit Oak
>          Issue Type: Sub-task
>          Components: query
>            Reporter: Tommaso Teofili
>             Fix For: 1.1.7
>
>
> Support for ACL check suggestions needs to be added to avoid providing suggestions coming
from index data whose source nodes / properties were not meant to be readable from the calling
user.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message