[
https://issues.apache.org/jira/browse/SLING-2600?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Eric Norman resolved SLING-2600.
--------------------------------
Resolution: Fixed
Fix attempt #2 in revision 1396899
> Effective ACL servlet returns incorrect information
> ---------------------------------------------------
>
> Key: SLING-2600
> URL: https://issues.apache.org/jira/browse/SLING-2600
> Project: Sling
> Issue Type: Bug
> Components: JCR
> Affects Versions: JCR Jackrabbit Access Manager 2.1.0
> Reporter: Dan Freeman
> Assignee: Eric Norman
> Fix For: JCR Jackrabbit Access Manager 2.1.2
>
>
> The GetEffectiveAclServlet only appears to reflect the permissions on lowest
> node in the requested hierarchy that has an ACL, rather than aggregating all
> entries.
> Given, e.g., a node structure with the following privileges:
> /base
> principalA - jcr:write=granted
> principalB - jcr:write=granted
> /base/child
> principalB - jcr:lockManagement=granted
> When requesting /base/child.eacl.json, the expected result would be that the
> privileges granted to both principals on /base would be reflected, in
> addition to those declared directly on /base/child.
> Instead, requests for /base/child.eacl.json and /base/child.acl.json both
> return:
> {
> "principalB": {
> "granted": [
> "jcr:lockManagement"
> ],
> "order": 0,
> "principal": "principalB"
> }
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
