You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Julian Reschke (JIRA)" <ji...@apache.org> on 2017/07/27 07:07:00 UTC
[jira] [Commented] (OAK-4693) Impersonating users can't unlock
nodes
[ https://issues.apache.org/jira/browse/OAK-4693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16102820#comment-16102820 ]
Julian Reschke commented on OAK-4693:
-------------------------------------
bq. An impersonating user can lock a node, but can't unlock a node.
Well, that's because any user can lock a node in theory.
bq. but can't unlock a node.
Actually he could, if he used the lock token (assuming this is about open-scoped locks).
The "unlock-with-lock-token" for admin users is meant for recovery of abandoned locks, not for regular use.
> Impersonating users can't unlock nodes
> --------------------------------------
>
> Key: OAK-4693
> URL: https://issues.apache.org/jira/browse/OAK-4693
> Project: Jackrabbit Oak
> Issue Type: Wish
> Components: jcr
> Affects Versions: 1.5.8
> Reporter: Zygmunt Wiercioch
>
> An impersonating user can lock a node, but can't unlock a node. Relaxed locking was introduced in: https://issues.apache.org/jira/browse/OAK-1329,
> but SessionImpl.impersonate() can't pass the attributes to the RepositoryImpl.login() method.
> {code}
> return getRepository().login(impCreds, sd.getWorkspaceName());
> {code}
> An attempt to unlock a node when impersonating will result in a failure since "oak.relaxed-locking" is not set.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)