Uploaded image for project: 'ModeShape'
  1. ModeShape
  2. MODE-2117

Session#checkPermission should raise an AccessControlException for read-only projections

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Done
    • Critical
    • 3.7.0.Final
    • 3.6.0.Final
    • Federation, JCR
    • None

    Description

      We'd like to know if a user can add or update nodes (so we can control what is displayed in e.g. the UI). I thought Session#checkPermission would work well enough (and, for things controlled by an ACL, I suppose it does). When running with a read-only external source, though, this check succeeds:

      session.checkPermission("/read/only/path", "add_node")

      Should #checkPermission have some knowledge about read-only projections, or is there a different API we should use instead?

      Attachments

        Activity

          People

            hchiorean Horia Chiorean (Inactive)
            cbeer_jira Chris Beer (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: