Uploaded image for project: 'ModeShape'
  1. ModeShape
  2. MODE-2117

Session#checkPermission should raise an AccessControlException for read-only projections

    XMLWordPrintable

    Details

    • Type: Feature Request
    • Status: Closed (View Workflow)
    • Priority: Critical
    • Resolution: Done
    • Affects Version/s: 3.6.0.Final
    • Fix Version/s: 3.7.0.Final
    • Component/s: Federation, JCR
    • Labels:
      None

      Description

      We'd like to know if a user can add or update nodes (so we can control what is displayed in e.g. the UI). I thought Session#checkPermission would work well enough (and, for things controlled by an ACL, I suppose it does). When running with a read-only external source, though, this check succeeds:

      session.checkPermission("/read/only/path", "add_node")

      Should #checkPermission have some knowledge about read-only projections, or is there a different API we should use instead?

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                hchiorean Horia Chiorean
                Reporter:
                cbeer Chris Beer
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: