You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jackrabbit.apache.org by "angela (JIRA)" <ji...@apache.org> on 2008/10/16 10:16:44 UTC
[jira] Updated: (JCR-1729) Node#addNode fails with
AccessDeniedException if session lacks read-permission to an ancestor
[ https://issues.apache.org/jira/browse/JCR-1729?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
angela updated JCR-1729:
------------------------
Summary: Node#addNode fails with AccessDeniedException if session lacks read-permission to an ancestor (was: Node#addNode failes with AccessDeniedException if session lacks read-permission to an acestor)
> Node#addNode fails with AccessDeniedException if session lacks read-permission to an ancestor
> ---------------------------------------------------------------------------------------------
>
> Key: JCR-1729
> URL: https://issues.apache.org/jira/browse/JCR-1729
> Project: Jackrabbit
> Issue Type: Bug
> Components: jackrabbit-core, security
> Reporter: christian
> Priority: Minor
>
> Consider a Session that has following permissions:
> /home -> no permission
> /home/myself -> read|remove|set_property|add_node
> if this session tries to add a Node to /home/myself.
> An AccessDeniedException is thrown indicateing that it can not read /home.
> The Exception is caused by the Node's check, if it is checked-out.
> This check asumes that the session has read-access to all its ancestors.
> Which breaks in this case:
> see NodeImpl internalIsCheckedOut() (ln 3875)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.