[
https://issues.apache.org/jira/browse/OAK-1147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13814044#comment-13814044
]
angela commented on OAK-1147:
-----------------------------
ok... but the counting method didn't test for the readability of the node. and
nor does getProperty/hasProperty.
as far as the implementation is concerned: it's really simplistic and in fact
only return true for {{#canReadProperties}} if the entry also defines the
read-access for the tree itself.
so far i don't have any strong feeling for either way as long as it is
consistent across all property access.
> SecureNodeBuilder/SecureNodeState: Consider using
> 'TreePermission#canReadProperties'
> ------------------------------------------------------------------------------------
>
> Key: OAK-1147
> URL: https://issues.apache.org/jira/browse/OAK-1147
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Reporter: angela
> Assignee: angela
> Attachments: OAK-1147.patch
>
>
> the methods #getProperties and #getPropertyCount have a shortcut for those
> cases where all properties are accessible.
> however, the current implemention requires SecurityContext#canReadAll to
> return true in order to enable the shortcut. without knowing the very details
> of the SecureNodeState/Builder i would have expected that
> #canReadAllProperties would be sufficient.
> [~jukkaz], do you remember what was the reason for using #canReadAll here? i
> changed it for test purpose and didn't see any difference... but that may
> also imply that we don't have enough or specific tests for this.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
