Node removal fails
------------------
Key: JCR-2420
URL: https://issues.apache.org/jira/browse/JCR-2420
Project: Jackrabbit Content Repository
Issue Type: Bug
Components: jackrabbit-core, security
Affects Versions: 1.6.0
Reporter: Michael Stämpfli
Priority: Blocker
I have a hierarchy of nodes which are all access controllable. The following
hierarchy illustrates the setup for my problem.
root - read permissions to everyone
| - subFolder - all permissions to user A
| - subsubFolder - all permissions to user A
The user A has all rights from the node "subFolder" downwards.
I tried to remove the node "subsubFolder" with the user A. Clearly A has enough
permissions to remove the node. But as soon as I call Session.save() an
AccessDeniedException is thrown.
I did a lot of debugging and found a possible cause for this fault. It led me
to the function ACLProvider.AclPermissions.buildResult(). All line references
are based on the source code in the subversion repository found here:
http://svn.apache.org/viewvc/jackrabbit/tags/1.6.0/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLProvider.java?view=markup.
On line 458 Jackrabbit collects all access control entries of the node, that I
want to remove, and all its parents and puts it in the variable "entries". In
my example this variable contains three entries:
1. all permissions to user A
2. all permissions to user A
3. read permissions to everyone
On lines 460 - 466 it collects all access control entries of the node, that I
want to remove, and puts it in "localACEs". This variable contains one entry:
all permissions to user A.
If I want to be able to remove "subsubFolder", user A needs the permission from
the parent node. The permissions of the parent nodes of "subsubFolder" are: all
permissions to user A and read permissions to everyone. But that's where the
access check fails. In line 488 Jackrabbit checks if a permission from
"entries" is local or not by looking it up in "localACEs". If it is in there,
the permission is local, else not. Unfortunately it recognizes the permission
of the node "subFolder" as local. Thus the permissions of the parent nodes of
"subsubFolder" are: read permissions to everyone. So I cannot remove the node.
The source of the error is the equals check of the access control entries. The
permissions of node "subFolder" are considered equal to the one of
"subsubFolder". If I explicitly assign the permission "remove node permission
to user A" to the node "subFolder", it works fine, because it is recognized as
parent permission.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
