[
https://issues.apache.org/jira/browse/JCR-2488?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
angela resolved JCR-2488.
-------------------------
Fix Version/s: 2.2.0
Resolution: Fixed
this should now be possible using the restriction added by JCR-2700.
> Add the ability to disable inheriting ancestor ACLs
> ---------------------------------------------------
>
> Key: JCR-2488
> URL: https://issues.apache.org/jira/browse/JCR-2488
> Project: Jackrabbit Content Repository
> Issue Type: Improvement
> Components: security
> Affects Versions: 2.0.0
> Reporter: Weston Bustraan
> Assignee: angela
> Priority: Minor
> Fix For: 2.2.0
>
> Attachments: windows-xp-permission-inheritance.jpg
>
>
> The current ACL implementation will walk the tree from the item being
> accessed, up to the root, collecting ACL entries for all the ancestors. With
> this system, there is no easy way to restrict access to subnodes except by
> adding DENY entries to negate the entries inherited from the parent nodes.
> I'd like to request a way to turn this behavior off either at a node level or
> global level.
> The place where recursion is happening is in
> org.apache.jackrabbit.core.security.authorization.acl.ACLProvider$Entries.collectEntries(NodeImpl
> node). Inside this method, it could perhaps check a global parameter or the
> existence of property of the ACL policy node to determine whether to recurse
> up the tree.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
