We have discovered that there is a bug in ZooDefs.PERMS.ALL: it is
missing ZooDefs.PERMS.ADMIN, thus it isn't really ALL :) The problem is
that the C binding includes ADMIN in ALL, so we have an inconsistency
between the two bindings. We would like to fix this as a bug fix in the
next release, but it does change behavior, so we wanted to run in by the
list to get our users' opinions.
To understand the behavioral change let me first remind you that the
ADMIN permission is only used with the setACL operation. Normally,
developers use PERMS.ALL indirectly by using ids.OPEN_ACL_UNSAFE. So,
doing zk.create(path, data, Ids.OPEN_ACL_UNSAFE, flags) will create a
znode for which no one will have the ability to change the ACL, ie call
setACL. If we fix this, everyone will be able to change the ACL of the
znode, which corresponds to the behavior of using OPEN_ACL_UNSAFE with
the C binding.
(Note: nodes that were previously created with OPEN_ACL_UNSAFE or
PERMS.ALL, will not be affected since these are just client side macros.)