Alex Deparvu commented on OAK-6527:

proposed solution based on [~chetanm]'s original patch: 
I took special care to reduce the impact of running the composite nodestore 
setup on the default setup (should be virtually no impact due to the way the 
wiring is done). This only contains the actual fix but it no longer uses the 
code introduced via the listed issues above, second step is to revert all those 
[~anchela] feedback appreciated!

> CompositeNodeStore permission evaluation fails for open setups
> --------------------------------------------------------------
>                 Key: OAK-6527
>                 URL: https://issues.apache.org/jira/browse/OAK-6527
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: composite, security
>            Reporter: Alex Deparvu
>            Assignee: Alex Deparvu
>             Fix For: 1.7.6
> It seems the current setup of OR-ing the composite nodestore permission 
> setups breaks down when the root node has an allow all reads. This seems a 
> fundamental flaw in the way it works now, so I'm considering going back to 
> the drawing board and working on the solution proposed by [~chetanm] as a 
> part of OAK-3777, effectively making OAK-6356 and OAK-6469 obsolete.

This message was sent by Atlassian JIRA

Reply via email to