[
https://issues.apache.org/jira/browse/OAK-709?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13620970#comment-13620970
]
angela commented on OAK-709:
----------------------------
as stated on the list i like the idea of having the access check on a lower
level in general. it would
also correspond to the write-permission checks that are execute in the commit
hook.
what i am still missing however: our permission evaluation needs to be hierarchy
aware and we don't have the hierarchy information on the nodestate. in other
words the non-trivial
implementation of NodeState#exists and i don't see that happen without bigger
refactoring (such as
e.g. having a reference to the parent node state).
another issue that needs further clarification: what about the cache we are
currently having on
the nodestate level. IMO that wouldn't work as the nodestore with the cache is
shared between
all content sessions.
last but not least: the permission provider is not only used on the oak-core
level but also
in oak-jcr for the permission related jcr calls and within the access control
mgt which both
don't have access to the NodeState API.
> Consider moving permission evaluation to the node state level
> -------------------------------------------------------------
>
> Key: OAK-709
> URL: https://issues.apache.org/jira/browse/OAK-709
> Project: Jackrabbit Oak
> Issue Type: Sub-task
> Components: core
> Reporter: angela
> Attachments:
> 0001-OAK-709-Consider-moving-permission-evaluation-to-the.patch
>
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
