You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "angela (JIRA)" <ji...@apache.org> on 2015/11/23 19:17:11 UTC

[jira] [Created] (OAK-3671) Incomplete cleanup of entries in ACL

angela created OAK-3671:
---------------------------

             Summary: Incomplete cleanup of entries in ACL
                 Key: OAK-3671
                 URL: https://issues.apache.org/jira/browse/OAK-3671
             Project: Jackrabbit Oak
          Issue Type: Bug
          Components: core
            Reporter: angela
            Assignee: angela
             Fix For: 1.3.11


the current base implementation of the {{JackrabbitAccessControlList}} present in oak performs some cleanup in order to avoid accumulating a lot of redundant access control entries.

in the following sequence of ACE the cleanup however is incomplete as the code breaks after the cleanup:

existing
- grant {{jcr:write}} to principalA
- deny {{jcr:read}} to principalA

new entry:
- granite {{jcr:read}} to principalA

the expected outcome would be that the deny entry is removed and the new allow merged with the first entry. instead the deny entry is still present after having added the new entry.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)