jackrabbit-oak-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "angela (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (OAK-598) TreeLocation#NULL allows to reveal the existence of items that are not accessible
Date Thu, 31 Jan 2013 10:57:17 GMT

    [ https://issues.apache.org/jira/browse/OAK-598?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13567535#comment-13567535

angela commented on OAK-598:

fine with me... i didn't think of this issue when we moved it to the API as i had
my focus on oak-jcr making usage of the internal NULL implementation... if all
usages in oak-jcr can be covered with exists() then this was for sure better.
i had a quick look at it seemed feasible... but having a second look was for 
sure needed.
> TreeLocation#NULL allows to reveal the existence of items that are not accessible
> ---------------------------------------------------------------------------------
>                 Key: OAK-598
>                 URL: https://issues.apache.org/jira/browse/OAK-598
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: core, jcr
>            Reporter: angela
> the javadoc of TreeLocation#NULL states:
> {quote}
> This {@code TreeLocation} refers to an invalid location in a tree. That is
> to a location where no item resides.
> {quote}
> while api consumers are not allowed to access items they are not allowed
> to read, the NULL location allows to determine if a given item does really
> not exist or was simply not accessible to the editing content session.
> IMO this should be fixed by not exposing the NULL implementation and
> making sure oak-jcr doesn't need it. maybe adding a shortcut method to
> test the underlying item is not null (e.g. exists()).

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message