Hi, We’ve found an interesting issue with setAcl command in the client: currently it’s a depth-first pre-order traversal which sets ACL on the node first and then do getChildren() and traverse them.
It will fail when you set ACL to something which does not include you, e.g. you won’t be able to do getChildren() once you revoked access from the node. This could be resolved by changing the traversal to post-order. On one hand this is a valid concern, on the other hand using superuser or skipACL is an easy workaround for this. What do you think? Shall we change it? Andor
