[
https://issues.apache.org/jira/browse/OAK-709?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13623676#comment-13623676
]
Michael Dürig commented on OAK-709:
-----------------------------------
I think we need to separate this as follows:
* All public {{Tree}} and {{Root}} APIs must be implemented through node states
wrapped into a {{SecureNodeState}}.
* All operations performed against lower layers (i.e.
{{NodeStoreBranch.setRoot}}) must be implemented using the original unwrapped
node state.
The main problem I see is with the {{NodeBuilder}}: while we need to base node
builders on secure node states for implementing public APIs, we need a way to
unwrap the original "non secure" node state from the builder, which however
needs to include all changes done to it through the {{Tree}} API.
> Consider moving permission evaluation to the node state level
> -------------------------------------------------------------
>
> Key: OAK-709
> URL: https://issues.apache.org/jira/browse/OAK-709
> Project: Jackrabbit Oak
> Issue Type: Sub-task
> Components: core
> Reporter: angela
> Attachments:
> 0001-OAK-709-Consider-moving-permission-evaluation-to-the.patch,
> 0001-OAK-709-Consider-moving-permission-evaluation-to-the.patch,
> 0001-OAK-709-Consider-moving-permission-evaluation-to-the.patch,
> 0001-OAK-709-Consider-moving-permission-evaluation-to-the.patch,
> OAK-709_2.patch, OAK-709_3.patch, OAK-709-equals_hack.patch, OAK-709.patch,
> SecureNodeState.java
>
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
