[
https://issues.apache.org/jira/browse/JCR-2863?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Antoine Brochard updated JCR-2863:
----------------------------------
Description:
When importing referenceable nodes, if there are nodes with the same uuid in
the workspace but the session has no sufficient permission to read them then
the import will fail no matter what ImportUUIDBehavior is chosen.
But the same xml will be imported successfully in another repository or if the
user have read access.
SessionImpl.java :
public NodeImpl getNodeById(NodeId id) ...{
...
try {
return (NodeImpl) getItemManager().getItem(id);
} catch (AccessDeniedException ade) {
throw new ItemNotFoundException(id.toString());
}
}
SessionImporter.java :
public void startNode(NodeInfo nodeInfo, List propInfos)...{
...
if (node == null) {
// create node
if (id == null) {
...
} else {
// potential uuid conflict
NodeImpl conflicting;
try {
conflicting = session.getNodeById(id);
} catch (ItemNotFoundException infe) {
conflicting = null;
}
if (conflicting != null) {
// resolve uuid conflict
...
}
...
}
In the JCR 1.0 spec says "lack of read access to an item blocks access to both
information about the content of that item and information about the existence
of the item" but this should probably not be true, internally, when doing an
import.
Otherwise it means that read access to an entire workspace must be granted to a
user so that it could successfully use the IMPORT_UUID_CREATE_NEW behaviour.
was:
When importing referenceable nodes, if there are nodes with the same uuid in
the workspace but the session has no sufficient permission to read them then
the import will fail not matter what ImportUUIDBehavior is chosen.
> Import can't handle properly uuid collision if user has insufficient
> permission
> -------------------------------------------------------------------------------
>
> Key: JCR-2863
> URL: https://issues.apache.org/jira/browse/JCR-2863
> Project: Jackrabbit Content Repository
> Issue Type: Bug
> Components: jackrabbit-core, xml
> Affects Versions: 1.6.1
> Reporter: Antoine Brochard
>
> When importing referenceable nodes, if there are nodes with the same uuid in
> the workspace but the session has no sufficient permission to read them then
> the import will fail no matter what ImportUUIDBehavior is chosen.
> But the same xml will be imported successfully in another repository or if
> the user have read access.
> SessionImpl.java :
> public NodeImpl getNodeById(NodeId id) ...{
> ...
> try {
> return (NodeImpl) getItemManager().getItem(id);
> } catch (AccessDeniedException ade) {
> throw new ItemNotFoundException(id.toString());
> }
> }
> SessionImporter.java :
> public void startNode(NodeInfo nodeInfo, List propInfos)...{
> ...
> if (node == null) {
> // create node
> if (id == null) {
> ...
> } else {
> // potential uuid conflict
> NodeImpl conflicting;
> try {
> conflicting = session.getNodeById(id);
> } catch (ItemNotFoundException infe) {
> conflicting = null;
> }
> if (conflicting != null) {
> // resolve uuid conflict
> ...
> }
> ...
> }
> In the JCR 1.0 spec says "lack of read access to an item blocks access to
> both information about the content of that item and information about the
> existence of the item" but this should probably not be true, internally, when
> doing an import.
> Otherwise it means that read access to an entire workspace must be granted to
> a user so that it could successfully use the IMPORT_UUID_CREATE_NEW behaviour.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
