You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Marco Piovesana (JIRA)" <ji...@apache.org> on 2016/03/03 13:09:18 UTC

[jira] [Updated] (OAK-4086) Group membership not verified during permission verification

     [ https://issues.apache.org/jira/browse/OAK-4086?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Marco Piovesana updated OAK-4086:
---------------------------------
    Description: 
I have a group called "MyUsers" containing a user called "marco". I've created a folder called "testfolder" with admin account and i granted read permission to the "MyUsers" group:
{code:java}
Node testfolder = adminSession.getNode("/testfolder"); 
boolean allow = AccessControlUtils.allow(testfolder, myUsersGroup.getPrincipal(), new String[]{Privilege.JCR_READ}); 
{code}

When I login as "marco", if i try to find that folder i get an error saying that the folder doesn't exists (user does not have tthe permission to read it). It works only if I grant the READ permission directly to the user.
{code:java}
Session usrSession = repository.login(new SimpleCredentials("marco", "password".toCharArray()));
Node node = usrSession.getNode("/testfolder"); //here the code fails because the node is not found!!
{code}

  was:
I have a group called "MyUsers" containing a user called "marco". I've created a folder called "testfolder" with admin account and i granted read permission to the "MyUsers" group:
{code:java}
Node testfolder = adminSession.getNode("/testfolder"); 
boolean allow = AccessControlUtils.allow(testfolder, myUsersGroup.getPrincipal(), new String[]{Privilege.JCR_READ}); 
{code}

When I login as "marco", if i try to find that folder i get an error saying that the folder doesn't exists (user does not have tthe permission to read it). It works only if I grant the READ permission directly to the user.


> Group membership not verified during permission verification
> ------------------------------------------------------------
>
>                 Key: OAK-4086
>                 URL: https://issues.apache.org/jira/browse/OAK-4086
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 1.3.16
>            Reporter: Marco Piovesana
>
> I have a group called "MyUsers" containing a user called "marco". I've created a folder called "testfolder" with admin account and i granted read permission to the "MyUsers" group:
> {code:java}
> Node testfolder = adminSession.getNode("/testfolder"); 
> boolean allow = AccessControlUtils.allow(testfolder, myUsersGroup.getPrincipal(), new String[]{Privilege.JCR_READ}); 
> {code}
> When I login as "marco", if i try to find that folder i get an error saying that the folder doesn't exists (user does not have tthe permission to read it). It works only if I grant the READ permission directly to the user.
> {code:java}
> Session usrSession = repository.login(new SimpleCredentials("marco", "password".toCharArray()));
> Node node = usrSession.getNode("/testfolder"); //here the code fails because the node is not found!!
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)