jackrabbit-oak-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "angela (JIRA)" <j...@apache.org>
Subject [jira] [Created] (OAK-8276) OR-CompositeTreePermission.grantsPermission should loop over aggregates of supported permissions
Date Thu, 25 Apr 2019 08:58:00 GMT
angela created OAK-8276:
---------------------------

             Summary: OR-CompositeTreePermission.grantsPermission should loop over aggregates
of supported permissions
                 Key: OAK-8276
                 URL: https://issues.apache.org/jira/browse/OAK-8276
             Project: Jackrabbit Oak
          Issue Type: Bug
          Components: core, security
            Reporter: angela


[~stillalex], issue as discussed in person: while working on OAK-8269 and the missing tests
for the ORing {{CompositeTreePermission}} i noticed the following issue in {{grantsPermission}}:
after obtaining the supported permissions the code loops over the individual permissions aggregated.
but passes the original permission instead of the supported ones which potentially only include
a subset.

the affected code inside the method looks as follows:
{code}
            long supported = providers[i].supportedPermissions(tp, property, permissions);
            if (doEvaluate(supported)) {
                if (compositionType == AND) {
                   [...]
                } else {
                    for (long p : Permissions.aggregates(permissions)) {    // <==== issue
line 221 
                        [...]
                    }
                }
            }
{code}

IMO the code at line 221 should rather be as follows:

{code}
for (long p : Permissions.aggregates(supported)) {
{code}

i will go ahead fix it along with a test case that illustrates the issue. 





--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message