You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "Marco Piovesana (JIRA)" <ji...@apache.org> on 2018/11/02 14:42:00 UTC

[jira] [Created] (OAK-7879) ACL can be modified on versioned node without having to check-out the node first

Marco Piovesana created OAK-7879:
------------------------------------

             Summary: ACL can be modified on versioned node without having to check-out the node first
                 Key: OAK-7879
                 URL: https://issues.apache.org/jira/browse/OAK-7879
             Project: Jackrabbit Oak
          Issue Type: Bug
    Affects Versions: 1.8.8
            Reporter: Marco Piovesana


If I create the first version of a node *after* adding an ACE to it, then I can add or remove other ACE without having to checkout the node.
 
If I create the first version of the node *before* adding the first ACE, then I get the error (_OakVersion0001: Cannot change property jcr:mixinTypes on checked in node_) whenever i try to modify the node permissions without checking it out first.
 
Following a code snippet showing the first case:
 
{code:java}
Session adminSession = repository.login(new SimpleCredentials("admin", "admin".toCharArray()));

            UserManager userManager = ((JackrabbitSession) adminSession).getUserManager();
            User firstUser = userManager.createUser("firstUser", "firstUser", new PrincipalImpl("firstUser"), null);
            Principal firstUserPrincipal = firstUser.getPrincipal();
            adminSession.save();

            Node myFolder = JcrUtils.getOrAddNode(adminSession.getRootNode(), "my folder", "nt:folder");
            myFolder.addMixin(JcrConstants.MIX_VERSIONABLE);

            AccessControlUtils.addAccessControlEntry(adminSession, myFolder.getPath(), firstUserPrincipal, new String[]{Privilege.JCR_ALL}, true);
            adminSession.save();

            VersionManager versionManager = adminSession.getWorkspace().getVersionManager();
            versionManager.checkout(myFolder.getPath());
            versionManager.checkin(myFolder.getPath());

            AccessControlUtils.clear(myFolder, firstUserPrincipal.getName());
            AccessControlUtils.addAccessControlEntry(adminSession, myFolder.getPath(), firstUserPrincipal, new String[]{Privilege.JCR_READ}, true);

            adminSession.save();
            adminSession.logout();
{code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)