[
https://issues.apache.org/jira/browse/JCR-2488?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
angela reassigned JCR-2488:
---------------------------
Assignee: angela
> Add the ability to disable inheriting ancestor ACLs
> ---------------------------------------------------
>
> Key: JCR-2488
> URL: https://issues.apache.org/jira/browse/JCR-2488
> Project: Jackrabbit Content Repository
> Issue Type: Improvement
> Components: security
> Affects Versions: 2.0.0
> Reporter: Weston Bustraan
> Assignee: angela
> Priority: Minor
>
> The current ACL implementation will walk the tree from the item being
> accessed, up to the root, collecting ACL entries for all the ancestors. With
> this system, there is no easy way to restrict access to subnodes except by
> adding DENY entries to negate the entries inherited from the parent nodes.
> I'd like to request a way to turn this behavior off either at a node level or
> global level.
> The place where recursion is happening is in
> org.apache.jackrabbit.core.security.authorization.acl.ACLProvider$Entries.collectEntries(NodeImpl
> node). Inside this method, it could perhaps check a global parameter or the
> existence of property of the ACL policy node to determine whether to recurse
> up the tree.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
