Re: [magnolia-dev] AccessDenied exception

Wed, 13 Jun 2007 09:47:48 -0700 

I think it should.
we should go through DefaultHierarchyManager and Content once to fix these security holes. other issues are listed in MAGNOLIA-1536 

- Sameer


On Jun 8, 2007, at 11:25 PM, Grégory Joseph wrote:


Content.hasContent(String name) currently does not do security  
checking

(maybe it should?)

g

On Jun 8, 2007, at 23:18 , Amir Mistric wrote:


Hi

I have a quick question:

My custom tag has a method that check if the node exists...
So I have something like:

        try {
            Content c = pageToCheck.getContent(nodeToCheck);
            String s = c.getName();
            // exists...

            log.debug("[" + nodeToCheck + "] FOUND in [" +  
pageToCheck.getHandle() + "]");

            return true;
        } catch (PathNotFoundException e) {
            // does not exist...

            log.debug("[" + nodeToCheck + "] NOT FOUND in [" +  
pageToCheck.getHandle() + "]");

            return false;
        } catch (AccessDeniedException e) {
            // exists but no access...

            log.debug("[" + nodeToCheck + "] FOUND (access denied)  
in [" + pageToCheck.getHandle() + "]");

            return true;
        } catch (RepositoryException e) {
            throw new NestableRuntimeException(e);
        }

My question is regarding AccessDenied exception.

Seems to be thrown before PathNotFoundException....Which poses my  
question:




In the example above, when AccessDeniedException is thrown how can  
I still check if the node exists?


Regards
Amir








----------------------------------------------------------------
for list details see
http://www.magnolia.info/en/developer.html
----------------------------------------------------------------



----------------------------------------------------------------
for list details see
http://www.magnolia.info/en/developer.html
----------------------------------------------------------------


Regards,

Sameer Charles
Magnolia International Ltd.


------------------------------------------------------------------------ 
---------

[EMAIL PROTECTED]       http://www.magnolia.info
Magnolia®  - Simple Enterprise Content Management

------------------------------------------------------------------------ 
---------








----------------------------------------------------------------
for list details see
http://documentation.magnolia.info/docs/en/editor/stayupdated.html
----------------------------------------------------------------






















					Reply via email to