jackrabbit-oak-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tommaso Teofili (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (OAK-2473) ACL checks on suggestions
Date Mon, 09 Feb 2015 15:12:35 GMT

    [ https://issues.apache.org/jira/browse/OAK-2473?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14312337#comment-14312337
] 

Tommaso Teofili edited comment on OAK-2473 at 2/9/15 3:12 PM:
--------------------------------------------------------------

in a related chat with [~anchela] it seems the {{NodeState}} has to be a {{SecureNodeState}}
in order to be used for this purpose. Therefore it may be that we need to make it possible
to directly or indirectly use the {{PermissionProvider}} from within the {{QueryIndex}} in
order to properly make ACL checks at such a level, see also OAK-2423 for a related discussion.

/cc [~tmueller], [~chetanm]


was (Author: teofili):
in a related chat with [~anchela] it seems the {{NodeState}} has to be a {{SecureNodeState}}
in order to be used for this purpose. Therefore it may be that we need to make it possible
to directly or indirectly use the {{PermissionProvider}} from within the {{QueryIndex}} in
order to properly make ACL checks at such a level. 
/cc [~tmueller], [~chetanm]

> ACL checks on suggestions
> -------------------------
>
>                 Key: OAK-2473
>                 URL: https://issues.apache.org/jira/browse/OAK-2473
>             Project: Jackrabbit Oak
>          Issue Type: Sub-task
>          Components: oak-lucene, oak-solr, query
>            Reporter: Tommaso Teofili
>            Assignee: Tommaso Teofili
>             Fix For: 1.1.7
>
>         Attachments: OAK-2473.0.patch
>
>
> Support for ACL check suggestions needs to be added to avoid providing suggestions coming
from index data whose source nodes / properties were not meant to be readable from the calling
user.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message