hi anjan the way i read the specification the current behaviour is correct. in fact, i re-read it while implementation the privilege management for OAK and finally implemented it the same way again.
kind regards angela On 8/9/13 2:45 PM, "anjan" <[email protected]> wrote: >I am using Jackrabbit version *2.4.2*. > >Here is the description from JCR java docs for the method >*getAggregatePrivileges* in the interface javax.jcr.security.Privilege > >* Privilege[] getAggregatePrivileges()* > /If this privilege is an aggregate privilege, returns the >privileges it contains, the privileges contained by any aggregate >privileges >among those, and so on (the transitive closure of privileges contained by >this privilege)./ > >Here is what I am observing: > >(1) If the Privilege is "jcr:write", then the returned Privileges from the >above method >are:"jcr:removeNode","jcr:modifyProperties","jcr:removeChildNodes","jcr:ad >dChildNodes" > >(2) If the Privilege is "rep:write" (jackrabbit internal privilege I >believe), then the returned Privileges from the above method are: >jcr:nodeTypeManagement, jcr:removeNode, jcr:modifyProperties, >jcr:removeChildNodes, *jcr:write*, jcr:addChildNodes > >As we can see from (2), the returned response contains "jcr:write" and >also >its corresponding aggregate privileges. Is this the intended behavior or >a >bug? > >I thought "jcr:write" should not be part of the response from (2). Can >someone clarify if this is the intended behavior or is this a bug. > >- Anjan > > > > > > >-- >View this message in context: >http://jackrabbit.510166.n4.nabble.com/Bug-or-intended-behavior-getAggrega >tePrivileges-tp4659272.html >Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
