[ https://issues.apache.org/jira/browse/JCRVLT-94?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tobias Bocanegra updated JCRVLT-94: ----------------------------------- Affects Version/s: (was: 3.0) 3.1.18 > [AccessControlHandling] Unexpected behavior of acHandling 'merge' > ----------------------------------------------------------------- > > Key: JCRVLT-94 > URL: https://issues.apache.org/jira/browse/JCRVLT-94 > Project: Jackrabbit FileVault > Issue Type: Bug > Components: vlt > Affects Versions: 3.1.18 > Reporter: Anshika Agarwal > Assignee: Tobias Bocanegra > Fix For: 3.1.24 > > Attachments: CreateInitialTestScenario.zip, TestACHandling (2).zip > > > As per the document [0], the AccessControlHandling for 'merge' should be > merging access control provided with the package with the one in the content > by replacing the access control entries of corresponding principals (i.e. > package first). > This means if the package contains ACEs for a principal P, it should remove > all the ACEs for that principal in the content and add the ones in the > package. > However, I am not seeing this expected behavior. The behavior I am seeing is > as follows: > ‘merge’ - Merges access control in the content with the one provided with the > package by adding the access control entries of principals not present in the > content but not removing the ones not present in the package. > So for instance ACLs “jcr:read,jcr:versionManagement,rep:write” to > forms-users exists in CRX at ‘/content/apps/cm’ [PFA > 'CreateInitialTestScenario.zip' to create these ACLs in crx]. And now if we > change the ACLs for the same user/group and path to “rep:write,crx:replicate” > and install our package, a union of ACLs is seen i.e. > “jcr:read,jcr:versionManagement,rep:write,crx:replicate” to forms-users at > ‘/content/apps/cm’. > Please find attached package 'TestACHandling (2).zip' containing the ACLs - > “rep:write,crx:replicate” for forms-users group and path ‘/content/apps/cm’ > [0] : > https://docs.adobe.com/docs/en/aem/6-0/develop/ref/javadoc/org/apache/jackrabbit/vault/fs/io/AccessControlHandling.html -- This message was sent by Atlassian JIRA (v6.3.4#6332)