Hi Anjan,
I don't really see how the ACL is setup. can you export a JSON dump of
the respective rep:policy node?
everyone does not have a special priority, the order of the ACEs is important.
regards, toby
On Thu, Dec 12, 2013 at 2:32 AM, anjan <poliset...@gmail.com> wrote:
> To further update, here are the permissions I see for the "child" folder.
>
> {"Managers":{"principal":"Managers","granted":["jcr:read"],"order":0},"everyone":{"principal":"everyone","granted":["jcr:readAccessControl","jcr:removeChildNodes"],*"denied":["jcr:read"]*,"order":1},"administrators":{"principal":"administrators","granted":["jcr:all"],"order":2}}
>
> Please note that on the "child" folder "everyone" is having "jcr:read"
> denied privilege (bold above).
>
> After some debugging, I noticed that because of this deny access on
> "everyone" principal, "test" user cannot see "child" folder. Since "test"
> user belongs to "Managers" group and this group has "jcr:read" privilege, I
> thought "test" user will see this folder. But it is not the case.
>
> Does this mean that "everyone" takes precedence in all the scenarios
> irrespective of the order of ACEs? Can anyone clarify.
>
>
>
> --
> View this message in context:
> http://jackrabbit.510166.n4.nabble.com/Group-membership-is-not-honoured-tp4660059p4660063.html
> Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
