[
https://issues.apache.org/jira/browse/JCR-3382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13620953#comment-13620953
]
Frank van Lankvelt edited comment on JCR-3382 at 4/3/13 2:31 PM:
-----------------------------------------------------------------
check whether the node can be read after retrieving it from the cache.
Patch was against the jackrabbit-2.6 branch @ revision 1462315
was (Author: lankvelt):
check whether the node can be read after retrieving it from the cache.
> ItemManager.getNode does not do a permission check when the item data is in
> the item manager cache
> --------------------------------------------------------------------------------------------------
>
> Key: JCR-3382
> URL: https://issues.apache.org/jira/browse/JCR-3382
> Project: Jackrabbit Content Repository
> Issue Type: Bug
> Affects Versions: 2.6
> Reporter: Unico Hommes
> Assignee: Unico Hommes
> Attachments: JCR-3382.patch
>
>
> Read access should be checked irrespective of whether the item data is in the
> cache or not. Something might have changed between first reading the node and
> reading the node again that impacts read access.
> We are running into the situation where node.hasNode() returns false for a
> node that is in the item manager cache and for which access was revoked but
> node.getNode() returns the node anyway. So node.hasNode is implemented in the
> right way, but node.getNode is not.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
