You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jackrabbit.apache.org by "Kamil (JIRA)" <ji...@apache.org> on 2015/10/30 18:08:27 UTC
[jira] [Created] (JCR-3927) UserManager doesn't clean removed user
nodes
Kamil created JCR-3927:
--------------------------
Summary: UserManager doesn't clean removed user nodes
Key: JCR-3927
URL: https://issues.apache.org/jira/browse/JCR-3927
Project: Jackrabbit Content Repository
Issue Type: Bug
Reporter: Kamil
When I create JCR User and assign some privileges to him:
{noformat}
Session session = repository.login(new SimpleCredentials("admin", "admin".toCharArray()), "workspace");
UserManager userManager = ((JackrabbitSession)session).getUserManager();
Principal principal = userManager.createUser("test", "test").getPrincipal();
JackrabbitAccessControlList jacl = null;
JackrabbitAccessControlManager acManager = (JackrabbitAccessControlManager) session.getAccessControlManager();
JackrabbitAccessControlPolicy[] policies = acManager.getPolicies(principal);
if (policies.length == 0) {
// No policies yet. Create one from the applicablePolicies
policies = acManager.getApplicablePolicies(principal);
}
jacl = (JackrabbitAccessControlList) policies[0];
Privilege[] privileges = new Privilege[]{acManager.privilegeFromName(Privilege.JCR_ALL)};
Map<String, Value> restrictions = new HashMap<String, Value>();
ValueFactory vf = session.getValueFactory();
restrictions.put("rep:nodePath", vf.createValue("/", PropertyType.PATH)); //and some other restrictions
jacl.addEntry(principal, privileges, true, restrictions);
acManager.setPolicy(jacl.getPath(), jacl);
session.save();
{noformat}
and then I print out all the nodes:
{noformat}
QueryManager manager = session.getWorkspace().getQueryManager();
Query query = manager.createQuery("SELECT * FROM [nt:base] AS n ORDER BY NAME ASC", Query.JCR_SQL2);
NodeIterator res = query.execute().getNodes();
while (res.hasNext()) {
Node n = res.nextNode();
System.out.println(String.format("%s: %s", n.getIdentifier(), n));
}
{noformat}
Then I receive this:
{noformat}
cafebabe-cafe-babe-cafe-babecafebabe: node /
e482b4ff-8faa-42e1-a534-25373d5abfbc: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t/te/test
d0f7f4b5-f61f-457f-9b8f-0683bb937c5e: node /rep:accesscontrol
b9446997-df48-4552-8ef9-cb4bdffcee53: node /rep:accesscontrol/rep:security
2a90eeb3-60d0-4f92-9175-d141c4c337e0: node /rep:accesscontrol/rep:security/rep:authorizables
f900633b-09af-44b6-bb1f-151e283df245: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t/te/test/rep:policy
88fcb55b-efb2-40f3-90c1-976ba2a0c9fe: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t/te/test/rep:policy/entry2
464d7a4b-1268-49cf-a4c8-59cb9d6d800c: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t/te/test/rep:policy/entry0
84b93de7-d727-43d9-b49a-0bff86fbfef6: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t/te/test/rep:policy/entry1
9d3072ef-cd6c-4cf4-b726-4527fb0ab5b4: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t/te/test/rep:policy/entry
28bd07a8-ad99-4e06-a968-c863232a22a0: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users
4e4311f6-f984-4605-88ae-c6ad5e6475cf: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t
48b1f67e-f70a-4c77-8f0f-3952fefaf0b8: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t/te
deadbeef-cafe-babe-cafe-babecafebabe: node /jcr:system
deadbeef-face-babe-cafe-babecafebabe: node /jcr:system/jcr:versionStorage
deadbeef-face-babe-ac71-babecafebabe: node /jcr:system/jcr:activities
{noformat}
But when I delete the user:
{noformat}
JackrabbitAccessControlManager acManager = (JackrabbitAccessControlManager) session.getAccessControlManager();
JackrabbitAccessControlList jacl = getOrCreateAccessControlPolicy(session, authorizable.getPrincipal());
acManager.removePolicy(jacl.getPath(), jacl);
authorizable.remove();
session.save();
{noformat}
and print out all nodes again, I receive this output:
{noformat}
cafebabe-cafe-babe-cafe-babecafebabe: node /
e482b4ff-8faa-42e1-a534-25373d5abfbc: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t/te/test
d0f7f4b5-f61f-457f-9b8f-0683bb937c5e: node /rep:accesscontrol
b9446997-df48-4552-8ef9-cb4bdffcee53: node /rep:accesscontrol/rep:security
2a90eeb3-60d0-4f92-9175-d141c4c337e0: node /rep:accesscontrol/rep:security/rep:authorizables
28bd07a8-ad99-4e06-a968-c863232a22a0: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users
4e4311f6-f984-4605-88ae-c6ad5e6475cf: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t
48b1f67e-f70a-4c77-8f0f-3952fefaf0b8: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t/te
deadbeef-cafe-babe-cafe-babecafebabe: node /jcr:system
deadbeef-face-babe-cafe-babecafebabe: node /jcr:system/jcr:versionStorage
deadbeef-face-babe-ac71-babecafebabe: node /jcr:system/jcr:activities
{noformat}
so these nodes:
{noformat}
/rep:accesscontrol/rep:security/rep:authorizables/rep:users/t/te/test
4e4311f6-f984-4605-88ae-c6ad5e6475cf: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t
48b1f67e-f70a-4c77-8f0f-3952fefaf0b8: node /rep:accesscontrol/rep:security/rep:authorizables/rep:users/t/te
{noformat}
are still there instead of being removed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)