You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "Tobias Bocanegra (JIRA)" <ji...@apache.org> on 2014/01/22 03:42:20 UTC

[jira] [Created] (OAK-1348) ACE merging not behaving correctly if not using managed principals

Tobias Bocanegra created OAK-1348:
-------------------------------------

             Summary: ACE merging not behaving correctly if not using managed principals
                 Key: OAK-1348
                 URL: https://issues.apache.org/jira/browse/OAK-1348
             Project: Jackrabbit Oak
          Issue Type: Bug
          Components: security
    Affects Versions: 0.15
            Reporter: Tobias Bocanegra


{{org.apache.jackrabbit.api.security.JackrabbitAccessControlList#addEntry()}} does not work correctly, if the given principal is not retrieved from the PrincipalManager.

this used to work in jackrabbit 2.x.

the problem is probably in {{org.apache.jackrabbit.oak.security.authorization.accesscontrol.ACL#internalAddEntry}} where the principals are "equalled" instead of comparing their names.

note, that adding an ACE with such a principal works, just the merging/overwriting detection doesn't.

test:
{code}
  Principal p1 = new Principal() { getName(){return "foo"}};
  Principal p2 = new Principal() { getName(){return "foo"}};
  acl.addEntry(p1, privileges, true);
  acl.addEntry(p2, privileges, false);
  ...
  save(); // throws
{code}



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)