[jira] [Commented] (OAK-444) Authorization for the jcr version store

["angela (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/OAK-444?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13777473#comment-13777473 ] 

angela commented on OAK-444:
----------------------------

Committed revision 1526174: 
added access eval for configurations and activities resolving todos in the code. currently this cannot be tested as the corresponding features are still missing.

apart from that i would consider this issue fixed.
                
> Authorization for the jcr version store
> ---------------------------------------
>
>                 Key: OAK-444
>                 URL: https://issues.apache.org/jira/browse/OAK-444
>             Project: Jackrabbit Oak
>          Issue Type: Sub-task
>          Components: core
>            Reporter: angela
>            Assignee: angela
>
> as explained in JCR-2963 the version store needs special attention when
> it comes to access control and permissions enforced on the store.
> for oak we need to define mechanisms on how to control access to the
> version store and provide the possibility to limit access to individual
> parts of the version store. some possibilities are already listed in JCR-2963.
> additional topics include:
> - searching for versioned content
> - find and restore versions that have no corresponding versionable node in
>   the content tree
> - ability to prevent access to version store altogether without preventing
>   access to versions/version histories through JCR version operations

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira