Posted to oak-issues@jackrabbit.apache.org by "Thomas Mueller (JIRA)" <ji...@apache.org> on 2013/07/11 15:25:48 UTC

[jira] [Updated] (OAK-897) Query+Security: Ensure joins can not reveal existence of invisible nodes

     [ https://issues.apache.org/jira/browse/OAK-897?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Thomas Mueller updated OAK-897:
-------------------------------

    Component/s: query
                 jcr
                 core
    
> Query+Security: Ensure joins can not reveal existence of invisible nodes
> ------------------------------------------------------------------------
>
>                 Key: OAK-897
>                 URL: https://issues.apache.org/jira/browse/OAK-897
>             Project: Jackrabbit Oak
>          Issue Type: Test
>          Components: core, jcr, query
>            Reporter: Thomas Mueller
>            Assignee: Thomas Mueller
>            Priority: Minor
>
> Queries must not see invisible nodes, but a query must also not reveal the existence of an invisible node. Example:
> {code}
> select a.* from [nt:base] as a 
> inner join [nt:base] as b 
> on isdescendantnode(b, a)
> where a.[jcr:path]=$path
> {code}
> The above query must only return nodes from selector "a" if the descendant "b" is also visible.
> This is currently working as expected as far as I see, but there is no test yet.
> Indexes don't know access rights (which is good), so that the query engine must check that the joined node is also visible, even if no data from that node is selected. In the example above, it is not enough to verify the nodes of selector "a" are visible: it is important to check access rights on selector "b" as well.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
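
The check described in the issue, as an added example that is not part of the original message and is not Oak code: a small Python model of the join in which the index returns every node regardless of access rights and the engine filters by visibility afterwards. The node paths, users and function names are constructed for illustration.

```python
# Constructed sample content: node path -> principals allowed to read it.
ACL = {
    "/content": {"alice", "bob"},
    "/content/public": {"alice", "bob"},
    "/content/public/page": {"alice", "bob"},
    "/content/hr": {"alice", "bob"},
    "/content/hr/salaries": {"alice"},   # invisible to bob
    "/content/empty": {"alice", "bob"},  # has no descendants at all
}

def can_read(user, path):
    return user in ACL.get(path, set())

def is_descendant(b, a):
    # Models isdescendantnode(b, a): b lies strictly below a.
    return b != a and b.startswith(a.rstrip("/") + "/")

def join_rows(user, path, check_joined=True):
    """Model of: select a.* from [nt:base] as a inner join [nt:base] as b
    on isdescendantnode(b, a) where a.[jcr:path] = $path
    Returns the path of selector "a" once per joined row.
    check_joined=False models an engine that only checks selector "a"."""
    rows = []
    for a in ACL:  # the index knows nothing about access rights
        if a != path or not can_read(user, a):
            continue
        for b in ACL:
            if not is_descendant(b, a):
                continue
            # Selector "b" contributes no columns, but a row still proves
            # that some descendant exists, so "b" must be visible too.
            if check_joined and not can_read(user, b):
                continue
            rows.append(a)
    return rows

def reveals_descendant(user, path, check_joined):
    # Any row tells the caller that `path` has at least one descendant.
    return bool(join_rows(user, path, check_joined))

if __name__ == "__main__":
    for checked in (False, True):
        print("check on b:", checked,
              "| /content/hr ->", join_rows("bob", "/content/hr", checked),
              "| /content/empty ->", join_rows("bob", "/content/empty", checked))
```

With the check on selector "b" disabled, bob gets a row for /content/hr but none for /content/empty, which tells him a hidden descendant exists; with the check enabled both results are empty and indistinguishable.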