You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Marco Piovesana (JIRA)" <ji...@apache.org> on 2016/03/03 13:09:18 UTC
[jira] [Updated] (OAK-4086) Group membership not verified during
permission verification
[ https://issues.apache.org/jira/browse/OAK-4086?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Marco Piovesana updated OAK-4086:
---------------------------------
Description:
I have a group called "MyUsers" containing a user called "marco". I've created a folder called "testfolder" with admin account and i granted read permission to the "MyUsers" group:
{code:java}
Node testfolder = adminSession.getNode("/testfolder");
boolean allow = AccessControlUtils.allow(testfolder, myUsersGroup.getPrincipal(), new String[]{Privilege.JCR_READ});
{code}
When I login as "marco", if i try to find that folder i get an error saying that the folder doesn't exists (user does not have tthe permission to read it). It works only if I grant the READ permission directly to the user.
{code:java}
Session usrSession = repository.login(new SimpleCredentials("marco", "password".toCharArray()));
Node node = usrSession.getNode("/testfolder"); //here the code fails because the node is not found!!
{code}
was:
I have a group called "MyUsers" containing a user called "marco". I've created a folder called "testfolder" with admin account and i granted read permission to the "MyUsers" group:
{code:java}
Node testfolder = adminSession.getNode("/testfolder");
boolean allow = AccessControlUtils.allow(testfolder, myUsersGroup.getPrincipal(), new String[]{Privilege.JCR_READ});
{code}
When I login as "marco", if i try to find that folder i get an error saying that the folder doesn't exists (user does not have tthe permission to read it). It works only if I grant the READ permission directly to the user.
> Group membership not verified during permission verification
> ------------------------------------------------------------
>
> Key: OAK-4086
> URL: https://issues.apache.org/jira/browse/OAK-4086
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: security
> Affects Versions: 1.3.16
> Reporter: Marco Piovesana
>
> I have a group called "MyUsers" containing a user called "marco". I've created a folder called "testfolder" with admin account and i granted read permission to the "MyUsers" group:
> {code:java}
> Node testfolder = adminSession.getNode("/testfolder");
> boolean allow = AccessControlUtils.allow(testfolder, myUsersGroup.getPrincipal(), new String[]{Privilege.JCR_READ});
> {code}
> When I login as "marco", if i try to find that folder i get an error saying that the folder doesn't exists (user does not have tthe permission to read it). It works only if I grant the READ permission directly to the user.
> {code:java}
> Session usrSession = repository.login(new SimpleCredentials("marco", "password".toCharArray()));
> Node node = usrSession.getNode("/testfolder"); //here the code fails because the node is not found!!
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)