Hi Amit, patch looks good to me.
For fixing the other method I'm not sure, I could argue that e.g. /a/b/c/d exists, user is allowed to read /a/b and read/write to /a/b/c/d but can't read /a/b/c. Now the user gets /a/b and calls createPath() passing this node and wanting to create /a/b/c/d/e - which would be possible but fail as /a/b/c is not readable for the user. A little bit artificial, I agree - but if it's easy to fix, I think we should do this - just to be consistent. Carsten 2014-01-31 Amit.. Gupta. <[email protected]>: > Hi, > > I have found an issue [0] with JcrResourceUtil.createPath. Attached the > patch as well in the issue, I have also added some test cases for > JcrResourceUtil.createPath > > Summary: > JcrResourceUtil.createPath fails for path such as > /a/b/c/d/e > where /ab/c already exists and d/e needs to be created in certain acl > setups i.e. > user has read & write permission to /a/b/c not don't have read permission > on /. > Current implementation expects that user would have read permission on > root node. > > Is it okie to fix this? > > I have only fixed the issue in > Node createPath(String path, > String intermediateNodeType, > String nodeType, > Session session, > boolean autoSave) > > for the other variant, I am not sure if we need to fix that as well. As > caller is already passing parentNode, so we can assume that user already > have access to parentNode. > > Thanks, > Amit > [0] https://issues.apache.org/jira/browse/SLING-3361 > > -- Carsten Ziegeler [email protected]
