[
https://issues.apache.org/jira/browse/SLING-1457?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Justin Edelson closed SLING-1457.
---------------------------------
> AccessControlUtil.replaceAccessControlEntry(..) must preserve the order of
> the ACEs in the AccessControlList when merging changes into an existing ACE
> ------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SLING-1457
> URL: https://issues.apache.org/jira/browse/SLING-1457
> Project: Sling
> Issue Type: Bug
> Components: JCR
> Affects Versions: JCR Jackrabbit Access Manager 2.0.6
> Reporter: Eric Norman
> Assignee: Eric Norman
> Fix For: Launchpad Testing 6, JCR Jackrabbit Access Manager
> 2.0.6, JCR ContentLoader 2.1.0, JCR Base 2.1.0
>
>
> As described by Ray Davis on the jackrabbit-users mailing list (see
> http://www.mail-archive.com/[email protected]/msg14734.html ), the
> order of the ACEs in the AccessControlList is important for resolving
> conflicting group permissions. When resolving the permissions, if the
> current user is the member of multiple groups that have permissions
> specified, then the last group in the ACL wins if there are any conflicts.
> The problem is that whenever the sling
> AccessControlUtil.replaceAccessControlEntry(..) api is invoked to merge
> changes to an ACE, the old ACE is removed from the ACL and re-added at the
> end of list of ACEs. Instead, the merge logic should ensure that the
> updated ACE is in the same position as the ACE that is being updated.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
