Posted to oak-issues@jackrabbit.apache.org by "Marcel Reutegger (JIRA)" <ji...@apache.org> on 2013/06/10 10:36:19 UTC

[jira] [Commented] (OAK-842) Incorrect interaction of orderable child nodes with access control

    [ https://issues.apache.org/jira/browse/OAK-842?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13679381#comment-13679381 ] 

Marcel Reutegger commented on OAK-842:
--------------------------------------

This indeed looks quite bad now, after we introduced SecureNodeState. There is
even more stuff broken than what is now annotated with FIXMEs in the code.
E.g. TreeImpl#updateChildOrder() assumes it has access to all child nodes
through the NodeBuilder.

The only solution I see is to push the child order handling further down.
Remember the reasons for pushing it down from JCR to Oak? We said the
property must not be visible because it exposes information, which is
access controlled and would otherwise leak through. I think the same
applies here as well. Now that we handle access control on the NodeState
level, we have to move the child order handling as well.
                
> Incorrect interaction of orderable child nodes with access control 
> -------------------------------------------------------------------
>
>                 Key: OAK-842
>                 URL: https://issues.apache.org/jira/browse/OAK-842
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: core
>            Reporter: Michael Dürig
>
> Working on OAK-813 revealed problems with the interaction of the current implementation of orderable nodes and access control:
> * {{TreeImpl#getOrderedChildNames}} returns all child names regardless of whether they are accessible in the current session or not. This might cause errors further down the line like exposure of the existence of child nodes.
> * {{TreeImpl.remove}} doesn't (can't) update the child order property if the parent is not accessible. 

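The problem discussed in this message, as a toy Java model added here for illustration. It is not Oak code: StoredNode, orderedNamesUnfiltered, orderedNamesFiltered and orderBefore are hypothetical names, and the child names are constructed sample data. It contrasts returning the stored order list without an access check with keeping the order below the access check, so that hidden siblings are neither exposed nor dropped when a restricted session reorders.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.NoSuchElementException;
import java.util.function.Predicate;

// Toy model, not Oak code: every class and method name here is hypothetical.
public class ChildOrderLeakDemo {

    /** Storage-level node: holds the complete child order, including hidden children. */
    static final class StoredNode {
        final List<String> childOrder = new ArrayList<>(); // stands in for the hidden order property
        void addChild(String name) { childOrder.add(name); }
        void removeChild(String name) { childOrder.remove(name); } // order updated with the removal
    }

    // Behaviour described in the issue: the order list is returned without an access check.
    static List<String> orderedNamesUnfiltered(StoredNode n) {
        return new ArrayList<>(n.childOrder);
    }

    // Order is kept below the access check; a session only ever sees the filtered list.
    static List<String> orderedNamesFiltered(StoredNode n, Predicate<String> canRead) {
        List<String> visible = new ArrayList<>();
        for (String name : n.childOrder) if (canRead.test(name)) visible.add(name);
        return visible;
    }

    // Reorder on behalf of a restricted session: operate on the full list so hidden
    // siblings keep their place, and fail identically for hidden and missing names.
    static void orderBefore(StoredNode n, Predicate<String> canRead, String src, String dest) {
        List<String> visible = orderedNamesFiltered(n, canRead);
        if (!visible.contains(src) || !visible.contains(dest))
            throw new NoSuchElementException("no such child");
        if (src.equals(dest)) return;
        n.childOrder.remove(src);
        n.childOrder.add(n.childOrder.indexOf(dest), src);
    }

    public static void main(String[] args) {
        StoredNode parent = new StoredNode();
        for (String c : List.of("public-a", "restricted", "public-b")) parent.addChild(c); // constructed
        Predicate<String> canRead = name -> !name.equals("restricted"); // session's read permission

        System.out.println("unfiltered: " + orderedNamesUnfiltered(parent));
        System.out.println("filtered:   " + orderedNamesFiltered(parent, canRead));
        orderBefore(parent, canRead, "public-b", "public-a");
        System.out.println("stored:     " + parent.childOrder);
        System.out.println("filtered:   " + orderedNamesFiltered(parent, canRead));
    }
}
```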