[
https://issues.apache.org/jira/browse/OAK-3751?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15048257#comment-15048257
]
Thomas Mueller commented on OAK-3751:
-------------------------------------
More info in OAK-3728.
> Limit the unique index "authorizableId" to the "rep:Authorizable" nodetype
> --------------------------------------------------------------------------
>
> Key: OAK-3751
> URL: https://issues.apache.org/jira/browse/OAK-3751
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: security
> Reporter: Thomas Mueller
> Assignee: Thomas Mueller
> Fix For: 1.4
>
>
> Currently, the built-in Oak index "authorizableId" ensures that property
> values for the property "rep:authorizableId" are unique within the
> repository. However, there is no nodetype restriction for this index.
> In theory, an application could use the "rep:authorizableId" property, or the
> property could be used by versioning, an audit-log mechanism, things like
> that.
> I think the index should be limited to the "rep:Authorizable" nodetype, same
> as this is done in the "principalName" index.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
