Hi, On Mon, Apr 22, 2013 at 11:22 AM, Angela Schreiber <[email protected]> wrote: > now, as of oak all of them are stored and accessed in the repository > and are consequently affected by regular item read access which > basically breaks backwards compatibility.
Note that the commit hooks and things like search indices work below access controls, so they can in any case see the full /jcr:system subtree and any repository metadata stored there. The only bits that would be affected in the odd case where an administrator would deny read access to something like the /jcr:system/jcr:nodeTypes subtree would be the JCR-level NodeTypeRegistry implementation and related methods. That might well break some clients, but so would an administrator explicitly modifying the builtin nodetypes file in Jackrabbit 2.x. So at best I'd simply document that to keep an Oak repository backwards compatible and JCR compliant, one shouldn't apply extra read access controls on the repository metadata stored under /jcr:system. There shouldn't be any need to explicitly enforce that in code. If needed, I wouldn't be opposed to having an explicit access control entry in /jcr:system that grants everyone read access to that subtree, excluding version histories and other sensitive areas that in any case are handled separately. Ideally I don't think that should be needed though, as IMO content should be readable by default, unless explicitly denied by access control. BR, Jukka Zitting
