[
https://issues.apache.org/jira/browse/OAK-4693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16102820#comment-16102820
]
Julian Reschke commented on OAK-4693:
-------------------------------------
bq. An impersonating user can lock a node, but can't unlock a node.
Well, that's because any user can lock a node in theory.
bq. but can't unlock a node.
Actually he could, if he used the lock token (assuming this is about
open-scoped locks).
The "unlock-with-lock-token" for admin users is meant for recovery of abandoned
locks, not for regular use.
> Impersonating users can't unlock nodes
> --------------------------------------
>
> Key: OAK-4693
> URL: https://issues.apache.org/jira/browse/OAK-4693
> Project: Jackrabbit Oak
> Issue Type: Wish
> Components: jcr
> Affects Versions: 1.5.8
> Reporter: Zygmunt Wiercioch
>
> An impersonating user can lock a node, but can't unlock a node. Relaxed
> locking was introduced in: https://issues.apache.org/jira/browse/OAK-1329,
> but SessionImpl.impersonate() can't pass the attributes to the
> RepositoryImpl.login() method.
> {code}
> return getRepository().login(impCreds, sd.getWorkspaceName());
> {code}
> An attempt to unlock a node when impersonating will result in a failure
> since "oak.relaxed-locking" is not set.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
