Hi Anjan, It does look like something is wrong there. Please go ahead and open a new JIRA issue with your findings. Patches are also welcome if you have a proposal for how to fix the bug.
Regards, Eric On Sat, Aug 10, 2013 at 2:20 AM, anjan <[email protected]> wrote: > I am using Sling's REST interface to modify the permissions on a Node. I > noticed an issue. > > The issue I am facing can be best explained by showing the curl commands I > executed and the output I received: > > (1) Here is the initial set of privileges present on the node: > $ curl -u admin:admin http://localhost:8080/content/pertest.eacl.json > > {"test":{"principal":"test","denied":["jcr:versionManagement","jcr:read","jcr:modifyAccessControl","rep:write"],"order":0},"everyone":{"principal":"everyone","granted":["jcr:read","jcr:readAccessControl"],"order":1},"administrators":{"principal":"administrators","granted":["jcr:all"],"order":2}} > > (2) Run the below command to grant all the privileges for "test" principal > $ curl -u admin:admin -FprincipalId=test > -Fprivilege@jcr:versionManagement=granted -Fprivilege@jcr:read=granted > -Fprivilege@jcr:modifyAccessControl=granted > -Fprivilege@jcr:nodeTypeManagement=granted -Fprivilege@jcr:write=granted > http://localhost:8080/content/pertest.modifyAce.json > > (3) As you can see from the below output, "jcr:write" is still present > under > "denied" privileges for "test" even though I granted all the privileges in > the previous command > $ curl -u admin:admin http://localhost:8080/content/pertest.eacl.json > > {"test":{"principal":"test","granted":["jcr:nodeTypeManagement","jcr:versionManagement","jcr:read","jcr:modifyAccessControl"],"denied":["jcr:write"],"order":0},"everyone":{"principal":"everyone","granted":["jcr:read","jcr:readAccessControl"],"order":1},"administrators":{"principal":"administrators","granted":["jcr:all"],"order":2}} > > Initially I thought it's a bug in Jackrabbit, but after getting the > clarification from Jackrabbit forum, I think it might need to be corrected > in Sling. > > Here is the link to the question I raised in Jackrabbit forum: > > > http://jackrabbit.510166.n4.nabble.com/Bug-or-intended-behavior-getAggregatePrivileges-td4659272.html > > Please advice and let me know, if I need to create a JIRA issue for the > same > > > > -- > View this message in context: > http://apache-sling.73963.n3.nabble.com/Managing-Permissions-using-Sling-tp4026035.html > Sent from the Sling - Users mailing list archive at Nabble.com. >
