[
https://issues.apache.org/jira/browse/OAK-4632?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marco Piovesana resolved OAK-4632.
----------------------------------
Resolution: Not A Bug
there was a mistake in my code
> remove node management
> ----------------------
>
> Key: OAK-4632
> URL: https://issues.apache.org/jira/browse/OAK-4632
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: core
> Affects Versions: 1.4.5
> Reporter: Marco Piovesana
>
> I have tow users: _admin_ and _userA_.
> _admin_ creates a folder and gives JCR_READ privilege to _userA_. When
> _userA_ tries to delete the folder no exception is thrown and the folder is
> deleted. _admin_ however can still view the node.
> If i give to _userA_ the privilege to remove the node:
> {code:java}
> AccessControlUtils.addAccessControlEntry(session, folder.getPath(),
> userA.getPrincipal(), new String[]{Privilege.JCR_REMOVE_CHILD_NODES}, true);
> AccessControlUtils.addAccessControlEntry(session,
> otherFolder.getPath(), userA.getPrincipal(), new String[]{Privilege.JCR_READ,
> Privilege.JCR_REMOVE_NODE}, true);
> {code}
> nothing changes.
> Is this the expected behaviour? How can i give to _userA_ the privilege to
> completely remove the node (remove it also for _admin_)?
> {code:title=DeleteTest.java|borderStyle=solid}
> public void deleteWithoutPermission() throws IOException, RepositoryException
> {
> File driveFile = new File("/tmp/oakTest", "oakrepo");
> File repositoryFile = new File(driveFile, "repository");
> File dataStoreFile = new File(driveFile, "datastore");
> BlobStore blobStore = new
> FileBlobStore(dataStoreFile.getAbsolutePath());
> FileStore repositoryStore =
> FileStore.newFileStore(repositoryFile).withBlobStore(blobStore).create();
> NodeStore nodeStore =
> SegmentNodeStore.newSegmentNodeStore(repositoryStore).create();
> Jcr jcr = new Jcr(nodeStore).with(new InitialContent()).with(new
> SecurityProviderImpl());
> Repository repository = jcr.createRepository();
> Session session = repository.login(new SimpleCredentials("admin",
> "admin".toCharArray()));
> UserManager userManager = ((SessionImpl) session).getUserManager();
> User userA = userManager.createUser("userA", "userA", new
> UserPrincipal("userA"), null);
> session.save();
> Node folder = JcrUtils.getOrAddFolder(session.getRootNode(),
> "myfolder");
> folder.addMixin(JcrConstants.MIX_SHAREABLE);
> Node otherFolder = JcrUtils.getOrAddFolder(folder, "otherFolder");
> otherFolder.addMixin(JcrConstants.MIX_SHAREABLE);
> session.save();
> String path = otherFolder.getPath();
> AccessControlUtils.addAccessControlEntry(session,
> otherFolder.getPath(), userA.getPrincipal(), new
> String[]{Privilege.JCR_READ}, true);
> session.save();
> session.logout();
> session = repository.login(new SimpleCredentials("userA",
> "userA".toCharArray()));
> Node node = session.getNode(path);
> node.remove();
> boolean exist = session.itemExists(path);
> session.logout();
> session = repository.login(new SimpleCredentials("admin",
> "admin".toCharArray()));
> boolean adminExists = session.itemExists(path);
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
