[
https://issues.apache.org/jira/browse/OAK-7856?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16660648#comment-16660648
]
angela commented on OAK-7856:
-----------------------------
[~stillalex], ooops... didn't refresh the issue and missed your follow up
comment... that was my first approach as well but then i felt that it would be
better to clearly separate access controlled paths (even if there was no entry)
from those that are not. maybe it's a theoretical issue but my point was as
follows: if in the permission store the path-based structure was not removed
upon removal of the last entry, the result from reading from the store would be
an empty entry-collection, which is different from that node is not access
controlled at all for the given principal (returning 'null'). for this very
reason i also slightly modified the store to reflect that difference.
> PrincipalPermissionEntries: non-accesscontrolled path must be ignored for
> fullyLoaded flag
> ------------------------------------------------------------------------------------------
>
> Key: OAK-7856
> URL: https://issues.apache.org/jira/browse/OAK-7856
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: core, security
> Reporter: angela
> Assignee: angela
> Priority: Major
> Fix For: 1.10, 1.9.10
>
> Attachments: OAK-7856.patch
>
>
> [~stillalex] spotted an issue with the calculation of the 'fullyLoaded' flag
> inside {{PrincipalPermissionEntries}}: since lookup non-accesscontrolled
> paths is also remembered the fullyLoaded flag may be mistakenly flipped to
> {{true}}.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
