[
https://issues.apache.org/jira/browse/OAK-2490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14318007#comment-14318007
]
Thomas Mueller commented on OAK-2490:
-------------------------------------
> It would be nice if we change the IndexPlan exposing this information to the
> query engine
Yes, even thought I don't think this is a high priority. Sure, access rights
checks can be avoided in this case, but I would expect this information is
cached. There is a slight complication: the select list can contain other
properties than the condition (select a from x where b = 1). So access rights
checks for b are not enough in this case. If access rights are on the node
level (all properties are readable, or none are readable) then this is not a
problem.
> Make it possible to use the PermissionProvider from within query indexes
> ------------------------------------------------------------------------
>
> Key: OAK-2490
> URL: https://issues.apache.org/jira/browse/OAK-2490
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: core
> Reporter: Tommaso Teofili
> Assignee: Tommaso Teofili
> Fix For: 1.1.7
>
> Attachments: OAK-2490.0.patch, OAK-2490.1.patch, OAK-2490.2.patch
>
>
> As discussed on OAK-2423 and OAK-2473 it's useful to have a
> {{PermissionProvider}} down into {{QueryIndex}} implementations and/or
> {{SelectorImpl}}, depending on wether the ACL checks have to be done on an
> implementation base or generally.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
