[ https://issues.apache.org/jira/browse/JCR-2863?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Guggisberg updated JCR-2863: ----------------------------------- Summary: Session#importXML can't handle properly uuid collision if user has insufficient permission (was: Import can't handle properly uuid collision if user has insufficient permission) this issue is IMO specific to Session.importXML(). Workspace.importXML() should not be affected. can please confirm this? > Session#importXML can't handle properly uuid collision if user has > insufficient permission > ------------------------------------------------------------------------------------------ > > Key: JCR-2863 > URL: https://issues.apache.org/jira/browse/JCR-2863 > Project: Jackrabbit Content Repository > Issue Type: Bug > Components: jackrabbit-core, xml > Affects Versions: 1.6.1, 2.2.1 > Reporter: Antoine Brochard > Attachments: exception.txt > > > When importing referenceable nodes, if there are nodes with the same uuid in > the workspace but the session has no sufficient permission to read them then > the import will fail no matter what ImportUUIDBehavior is chosen. > But the same xml will be imported successfully in another repository or if > the user have read access. > SessionImpl.java : > public NodeImpl getNodeById(NodeId id) ...{ > ... > try { > return (NodeImpl) getItemManager().getItem(id); > } catch (AccessDeniedException ade) { > throw new ItemNotFoundException(id.toString()); > } > } > SessionImporter.java : > public void startNode(NodeInfo nodeInfo, List propInfos)...{ > ... > if (node == null) { > // create node > if (id == null) { > ... > } else { > // potential uuid conflict > NodeImpl conflicting; > try { > conflicting = session.getNodeById(id); > } catch (ItemNotFoundException infe) { > conflicting = null; > } > if (conflicting != null) { > // resolve uuid conflict > ... > } > ... > } > In the JCR 1.0 spec says "lack of read access to an item blocks access to > both information about the content of that item and information about the > existence of the item" but this should probably not be true, internally, when > doing an import. > Otherwise it means that read access to an entire workspace must be granted to > a user so that it could successfully use the IMPORT_UUID_CREATE_NEW behaviour. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.