[
https://issues.apache.org/jira/browse/JCRVLT-292?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tobias Bocanegra updated JCRVLT-292:
------------------------------------
Resolution: Fixed
Fix Version/s: 3.2
Status: Resolved (was: Patch Available)
thanks [~anchela].
fixed in r1833885
> Order of ACLs are altered on installation of content packages
> -------------------------------------------------------------
>
> Key: JCRVLT-292
> URL: https://issues.apache.org/jira/browse/JCRVLT-292
> Project: Jackrabbit FileVault
> Issue Type: Bug
> Components: Packaging
> Reporter: angela
> Priority: Major
> Fix For: 3.2
>
> Attachments: JCRVLT-292-2.patch, JCRVLT-292.patch
>
>
> When installing a content package with AccessControlHandling _overwrite_
> access control entries contained in a given list are grouped by principal and
> ultimately imported with a different order that originally defined in the
> package.
> This alters the effective permissions for those {{Subject}}s that contain the
> principals for which the ACEs got imported.
> Example:
> 1. grant group1 read at /testroot
> 2. deny group2 read at specific subset of items within the tree defined by
> /testroot
> 3. grant group1 read/write at specific subset of items within the tree
> defined by /testroot
> The ACL resulting from the package import will contain the entries in the
> following order: 1, 3, 2.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
