You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jackrabbit.apache.org by "Tobias Bocanegra (JIRA)" <ji...@apache.org> on 2018/06/20 02:08:00 UTC
[jira] [Updated] (JCRVLT-292) Order of ACLs are altered on
installation of content packages
[ https://issues.apache.org/jira/browse/JCRVLT-292?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tobias Bocanegra updated JCRVLT-292:
------------------------------------
Resolution: Fixed
Fix Version/s: 3.2
Status: Resolved (was: Patch Available)
thanks [~anchela].
fixed in r1833885
> Order of ACLs are altered on installation of content packages
> -------------------------------------------------------------
>
> Key: JCRVLT-292
> URL: https://issues.apache.org/jira/browse/JCRVLT-292
> Project: Jackrabbit FileVault
> Issue Type: Bug
> Components: Packaging
> Reporter: angela
> Priority: Major
> Fix For: 3.2
>
> Attachments: JCRVLT-292-2.patch, JCRVLT-292.patch
>
>
> When installing a content package with AccessControlHandling _overwrite_ access control entries contained in a given list are grouped by principal and ultimately imported with a different order that originally defined in the package.
> This alters the effective permissions for those {{Subject}}s that contain the principals for which the ACEs got imported.
> Example:
> 1. grant group1 read at /testroot
> 2. deny group2 read at specific subset of items within the tree defined by /testroot
> 3. grant group1 read/write at specific subset of items within the tree defined by /testroot
> The ACL resulting from the package import will contain the entries in the following order: 1, 3, 2.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)