[
https://issues.apache.org/jira/browse/OAK-4632?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marco Piovesana updated OAK-4632:
---------------------------------
Summary: give a user the privilege to remove a node (was: remove node
behaviour)
> give a user the privilege to remove a node
> ------------------------------------------
>
> Key: OAK-4632
> URL: https://issues.apache.org/jira/browse/OAK-4632
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: core
> Affects Versions: 1.4.5
> Reporter: Marco Piovesana
>
> I have two users: _admin_ and _userA_.
> _admin_ creates a folder and gives the JCR_READ privilege to _userA_. When
> _userA_ tries to delete the folder, no exception is thrown and the folder is
> deleted. _admin_, however, can still view the node.
> If I give _userA_ the privilege to remove the node
> (_Privilege.JCR_REMOVE_NODE_), nothing changes.
> Is this the expected behaviour? How can I give _userA_ the privilege to
> completely remove the node (remove it also for _admin_)?
> {code:title=DeleteTest.java|borderStyle=solid}
> public void deleteWithoutPermission() throws IOException, RepositoryException {
>     // Segment-backed repository under /tmp/oakTest with a file blob store
>     File driveFile = new File("/tmp/oakTest", "oakrepo");
>     File repositoryFile = new File(driveFile, "repository");
>     File dataStoreFile = new File(driveFile, "datastore");
>     BlobStore blobStore = new FileBlobStore(dataStoreFile.getAbsolutePath());
>     FileStore repositoryStore =
>             FileStore.newFileStore(repositoryFile).withBlobStore(blobStore).create();
>     NodeStore nodeStore = SegmentNodeStore.newSegmentNodeStore(repositoryStore).create();
>     Jcr jcr = new Jcr(nodeStore).with(new InitialContent()).with(new SecurityProviderImpl());
>     Repository repository = jcr.createRepository();
>
>     // As admin: create userA
>     Session session = repository.login(new SimpleCredentials("admin", "admin".toCharArray()));
>     UserManager userManager = ((SessionImpl) session).getUserManager();
>     User userA = userManager.createUser("userA", "userA", new UserPrincipal("userA"), null);
>     session.save();
>
>     // As admin: create /myfolder/otherFolder
>     Node folder = JcrUtils.getOrAddFolder(session.getRootNode(), "myfolder");
>     folder.addMixin(JcrConstants.MIX_SHAREABLE);
>     Node otherFolder = JcrUtils.getOrAddFolder(folder, "otherFolder");
>     otherFolder.addMixin(JcrConstants.MIX_SHAREABLE);
>     session.save();
>
>     // As admin: allow userA jcr:read on otherFolder, nothing else
>     String path = otherFolder.getPath();
>     AccessControlUtils.addAccessControlEntry(session, otherFolder.getPath(),
>             userA.getPrincipal(), new String[]{Privilege.JCR_READ}, true);
>     session.save();
>     session.logout();
>
>     // As userA: remove the node; the session is not saved afterwards
>     session = repository.login(new SimpleCredentials("userA", "userA".toCharArray()));
>     Node node = session.getNode(path);
>     node.remove();
>     boolean exist = session.itemExists(path);
> }
> {code}
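An added example, not part of the reporter's test or of the Oak code base: a check of whether a removal is actually authorized and persisted. It relies on two JCR 2.0 rules: `Item.remove()` throws `AccessDeniedException` only if the implementation validates immediately (otherwise the check is deferred to `save()`), and removing a node requires `jcr:removeNode` on the node plus `jcr:removeChildNodes` on its parent. The class name, the helpers `grantRemove` and `tryRemove`, and the use of a default in-memory `new Jcr()` repository with the default `admin`/`admin` account are assumptions made for the illustration.

```java
import java.security.Principal;
import javax.jcr.*;
import javax.jcr.security.Privilege;
import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.commons.JcrUtils;
import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
import org.apache.jackrabbit.oak.jcr.Jcr;

public class RemovePrivilegeCheck {   // hypothetical class name
    // Admin grants what JCR 2.0 requires to remove the node at path:
    // jcr:removeNode on the node plus jcr:removeChildNodes on its parent.
    static void grantRemove(Session admin, String path, Principal who) throws RepositoryException {
        String parent = admin.getNode(path).getParent().getPath();
        AccessControlUtils.addAccessControlEntry(admin, path, who,
                new String[]{Privilege.JCR_READ, Privilege.JCR_REMOVE_NODE}, true);
        AccessControlUtils.addAccessControlEntry(admin, parent, who,
                new String[]{Privilege.JCR_REMOVE_CHILD_NODES}, true);
        admin.save();
    }

    // True only if the removal was persisted; remove() alone changes
    // just the calling session's transient state.
    static boolean tryRemove(Session user, String path) throws RepositoryException {
        try {
            user.getNode(path).remove();
            user.save();            // a deferred access check surfaces here
            return true;
        } catch (AccessDeniedException e) {
            user.refresh(false);    // discard the rejected transient change
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        Repository repo = new Jcr().createRepository(); // assumption: in-memory Oak, default setup
        Session admin = repo.login(new SimpleCredentials("admin", "admin".toCharArray()));
        Principal userA = ((JackrabbitSession) admin).getUserManager()
                .createUser("userA", "userA").getPrincipal();
        String path = JcrUtils.getOrAddFolder(
                JcrUtils.getOrAddFolder(admin.getRootNode(), "myfolder"), "otherFolder").getPath();
        AccessControlUtils.addAccessControlEntry(admin, path, userA,
                new String[]{Privilege.JCR_READ}, true);
        admin.save();

        Session user = repo.login(new SimpleCredentials("userA", "userA".toCharArray()));
        System.out.println("read only: removed=" + tryRemove(user, path));
        grantRemove(admin, path, userA);
        user.refresh(false);        // pick up the new ACL
        System.out.println("after grant: removed=" + tryRemove(user, path));
        admin.refresh(false);
        System.out.println("admin still sees node=" + admin.nodeExists(path));
    }
}
```

The final line is the check that matters when auditing an ACL: what another session sees after `save()`, not what `itemExists` reports inside the session that made the transient change.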