[ 
https://issues.apache.org/jira/browse/OAK-6527?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16118283#comment-16118283
 ] 

Alex Deparvu commented on OAK-6527:
-----------------------------------

thanks for the review!

bq. why is AbstractPermissionStore needed?
Because the {{CompiledPermissionImpl}} needs a way to call {{flush}} on the 
permission store, be it a classic {{PermissionStoreImpl}} or a composite 
{{MountPermissionStore}} which would delegate the flush call to it's 
components. If here's a better way to expose the {{flush}} I'm open to 
alternatives.

> CompositeNodeStore permission evaluation fails for open setups
> --------------------------------------------------------------
>
>                 Key: OAK-6527
>                 URL: https://issues.apache.org/jira/browse/OAK-6527
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: composite, security
>    Affects Versions: 1.7.3, 1.7.4, 1.7.5
>            Reporter: Alex Deparvu
>            Assignee: Alex Deparvu
>             Fix For: 1.7.6
>
>
> It seems the current setup of OR-ing the composite nodestore permission 
> setups breaks down when the root node has an allow all reads. This seems a 
> fundamental flaw in the way it works now, so I'm considering going back to 
> the drawing board and working on the solution proposed by [~chetanm] as a 
> part of OAK-3777, effectively making OAK-6356 and OAK-6469 obsolete.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to