You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by ju...@apache.org on 2009/04/23 14:54:38 UTC
svn commit: r767907 -
/jackrabbit/branches/1.5/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/ItemImpl.java
Author: jukka
Date: Thu Apr 23 12:54:38 2009
New Revision: 767907
URL: http://svn.apache.org/viewvc?rev=767907&view=rev
Log:
JCR-2036: Set_property permission not checked when saving a new node
Applied patch by Bart van der Schans to the 1.5 branch.
Modified:
jackrabbit/branches/1.5/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/ItemImpl.java
Modified: jackrabbit/branches/1.5/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/ItemImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/branches/1.5/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/ItemImpl.java?rev=767907&r1=767906&r2=767907&view=diff
==============================================================================
--- jackrabbit/branches/1.5/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/ItemImpl.java (original)
+++ jackrabbit/branches/1.5/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/ItemImpl.java Thu Apr 23 12:54:38 2009
@@ -372,18 +372,15 @@
while (dirtyIter.hasNext()) {
ItemState itemState = (ItemState) dirtyIter.next();
- if (itemState.getStatus() != ItemState.STATUS_NEW) {
- /* transient item is not 'new', therefore it has to be 'modified'
- detect the effective set of modification:
- - child additions -> add_node perm on the child
- - property additions, modifications or removals -> set_property permission
- note: removed items are checked later on.
- */
- // check WRITE permission
- Path path = stateMgr.getHierarchyMgr().getPath(itemState.getId());
- boolean isGranted = true;
- if (itemState.isNode()) {
+ // check WRITE permission
+ Path path = stateMgr.getHierarchyMgr().getPath(itemState.getId());
+ boolean isGranted = true;
+ if (itemState.isNode()) {
+ if (itemState.getStatus() != ItemState.STATUS_NEW) {
// modified node state -> check possible modifications
+ // - child additions -> add_node perm on the child
+ // - property additions, modifications or removals -> set_property permission
+ // note: removed items are checked later on.
NodeState nState = (NodeState) itemState;
for (Iterator it = nState.getAddedChildNodeEntries().iterator();
it.hasNext() && isGranted;) {
@@ -395,15 +392,16 @@
Name propName = (Name) it.next();
isGranted = accessMgr.isGranted(path, propName, Permission.SET_PROPERTY);
}
- } else {
- isGranted = accessMgr.isGranted(path, Permission.SET_PROPERTY);
}
+ } else {
+ // a property has been modified or added, check set_poperty
+ isGranted = accessMgr.isGranted(path, Permission.SET_PROPERTY);
+ }
- if (!isGranted) {
- String msg = itemMgr.safeGetJCRPath(path) + ": not allowed to modify item";
- log.debug(msg);
- throw new AccessDeniedException(msg);
- }
+ if (!isGranted) {
+ String msg = itemMgr.safeGetJCRPath(path) + ": not allowed to modify item";
+ log.debug(msg);
+ throw new AccessDeniedException(msg);
}
if (itemState.isNode()) {