Carsten Ziegeler wrote:
Julian Reschke wrote:
Carsten Ziegeler wrote:
Hi,
when I delete a locked node from the repository, the lock token
for this node is not removed from the session (I use a session scoped
lock and remove the node in the same session).
Below is the test code.
...
Not sure why that is a problem in practice. Could you elaborate?
Sure :) I think this is a bug - even if the impact is not that huge. But
if you list all your lock tokens you don't expect invalid tokens there.
So maybe we need to clarify that.
I'm a bit concerned to require more because it may be hard to implement
in practice.
For instance, what about locks that get removed due to server-enforced
timeouts, or by admin intervention?
I noticed this in Sling where we pool/reuse the sessions for a single
user. So in fact we have a session wrapper that cleans up the session
after a logout. And one of the cleanups is to check the lock tokens. Of
course the handling of the remaining tokens fails as there are invalid
ones inbetween.
So fix that :-)
...
BR, Julian
