[
https://issues.apache.org/jira/browse/JCR-3714?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13873596#comment-13873596
]
angela commented on JCR-3714:
-----------------------------
just wrote a test case according to the description for
org.apache.jackrabbit.core.security.authorization.acl.WriteTest:
{code}
public void testWrite() throws Exception {
try {
Group g = getTestGroup();
g.addMember(testUser);
g.addMember(getUserManager(superuser).createUser("a", "a"));
g.addMember(getUserManager(superuser).createUser("b", "b"));
superuser.save();
givePrivileges(path, g.getPrincipal(),
privilegesFromName("rep:write"), Collections.EMPTY_MAP);
Session s = getHelper().getRepository().login(new
SimpleCredentials("b", "b".toCharArray()));
Node n = s.getNode(path);
n.addNode("n");
s.save();
s.logout();
g.removeMember(getUserManager(superuser).getAuthorizable("a"));
superuser.save();
s = getHelper().getRepository().login(new SimpleCredentials("b",
"b".toCharArray()));
n = s.getNode(path);
n.addNode("n");
s.save();
s.logout();
} finally {
Authorizable a = getUserManager(superuser).getAuthorizable("a");
if (a != null) {
a.remove();
}
Authorizable b = getUserManager(superuser).getAuthorizable("b");
if (b != null) {
b.remove();
}
superuser.save();
}
}
{code}
it passes. up to now i am not surprised as the user management operation
doesn't interacting with the permission evaluation...
sakshi, unless you provide another test case that illustrates the problem, i
would opt for resolving this invalid.
> ACL not honoured once the group is shrunk.
> ------------------------------------------
>
> Key: JCR-3714
> URL: https://issues.apache.org/jira/browse/JCR-3714
> Project: Jackrabbit Content Repository
> Issue Type: Bug
> Reporter: Sakshi Arora
>
> I gave jcr:write permission to a group, on a crx node.
> ACL is honoured at this stage, that is, a group member is able to create its
> child node, modify its property etc..
> Now I removed a member from the group (Shrunk the group to lesser number of
> users).
> ACL stopped being honoured. None of the group member is able to create child
> node for the crx node, on which the ACL was applied.
> Steps to reproduce:
> 1. Create a user group, add a few members.
> 2. Create a node, apply 'jcr:write' permission on that node for that group.
> 3. Login as one of the group member, you will be able to create a child node.
> 4. Remove one of the member from the user group.
> 5. Now login as any existing member of the group, you will not be able to
> create a child node on that node.
> (the node has jcr:read permission for everyone)
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
