[
https://issues.apache.org/jira/browse/OAK-2149?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Julian Reschke resolved OAK-2149.
---------------------------------
Resolution: Won't Fix
See https://issues.apache.org/jira/browse/OAK-6421
> Locks are not enforced for content changes
> ------------------------------------------
>
> Key: OAK-2149
> URL: https://issues.apache.org/jira/browse/OAK-2149
> Project: Jackrabbit Oak
> Issue Type: Sub-task
> Components: jcr
> Affects Versions: 1.0.19, 1.2.4, 1.3.4
> Reporter: Damien Obrist
> Priority: Major
> Attachments: 0001-OAK-2149-Locks-are-not-enforced.patch
>
>
> Locks are not enforced and do not prevent nodes from being modified by
> non-lock-owning sessions.
> Consider following code excerpt:
> {code:java}
> Repository repo = ...
> String path = "/some/node";
> Session session1 = repo.login(new SimpleCredentials("A",
> "password".toCharArray()));
> session1.getNode(path).addMixin("mix:lockable");
> session1.save();
> LockManager lockManager = session1.getWorkspace().getLockManager();
> lockManager.lock(path, true, false, Long.MAX_VALUE, null);
> Session session2 = repo.login(new SimpleCredentials("B",
> "password".toCharArray()));
> session2.getNode(path).setProperty("foo", "bar");
> session2.save();
> {code}
> User {{A}} puts a lock on {{/some/node}}. User {{B}} is still able to set a
> property on that node after it has been locked. Instead, this should throw a
> {{LockException}}.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
