You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2021/05/06 11:13:37 UTC
svn commit: r1889563 - in /jackrabbit/oak/trunk:
oak-doc/src/site/markdown/security/user/authorizableaction.md
oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java
Author: angela
Date: Thu May 6 11:13:37 2021
New Revision: 1889563
URL: http://svn.apache.org/viewvc?rev=1889563&view=rev
Log:
OAK-9425 : Improve javadoc and doc of ClearMembershipAction
Modified:
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/authorizableaction.md
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java
Modified: jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/authorizableaction.md
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/authorizableaction.md?rev=1889563&r1=1889562&r2=1889563&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/authorizableaction.md (original)
+++ jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/authorizableaction.md Thu May 6 11:13:37 2021
@@ -74,7 +74,7 @@ The following implementations of the `Au
* `AccessControlAction`: set up permission for new authorizables
* `PasswordValidationAction`: simplistic password verification upon user creation and password modification
* `PasswordChangeAction`: verifies that the new password is different from the old one
-* `ClearMembershipAction`: clear group membership upon removal of an authorizable.
+* `ClearMembershipAction`: clear group membership upon removal of an authorizable. Note, that this will only remove those membership references that are visible to the editing session.
As in Jackrabbit 2.x the actions are executed with the editing session and the
target operation will fail if any of the configured actions fails (e.g. due to
Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java?rev=1889563&r1=1889562&r2=1889563&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java (original)
+++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java Thu May 6 11:13:37 2021
@@ -30,6 +30,9 @@ import org.jetbrains.annotations.NotNull
* the specified authorizable. If {@link Group#removeMember(Authorizable)}
* fails due to lack of permissions {@link AuthorizableAction#onRemove(org.apache.jackrabbit.api.security.user.Authorizable, org.apache.jackrabbit.oak.api.Root, org.apache.jackrabbit.oak.namepath.NamePathMapper)}
* throws an exception and removing the specified authorizable will be aborted.
+ *
+ * NOTE: If the editing session doesn't have sufficient permission to read all group membership, the clean up might be
+ * incomplete.
*/
public class ClearMembershipAction extends AbstractAuthorizableAction {