[jira] [Commented] (OAK-1163) Observation events should respect permissions

angela (JIRA) Mon, 11 Nov 2013 00:33:28 -0800

    [ 
https://issues.apache.org/jira/browse/OAK-1163?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13818772#comment-13818772
 ]


angela commented on OAK-1163:
-----------------------------

adjusting summary: as of oak there is a clear separation between access control 
management (-> ACL belongs there) and the permission evaluation. we should make 
sure we understand the difference when reporting issues in order to avoid 
confusions.

> Observation events should respect permissions
> ---------------------------------------------
>
>                 Key: OAK-1163
>                 URL: https://issues.apache.org/jira/browse/OAK-1163
>             Project: Jackrabbit Oak
>          Issue Type: New Feature
>          Components: core, jcr, security
>            Reporter: Alexander Klimetschek
>
> The JCR observation implementation in Oak does not evaluate ACLs yet, so any 
> session currently sees all events. {{SecureValidator}} is the intended place 
> to do the checks.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

[jira] [Commented] (OAK-1163) Observation events should respect permissions

Reply via email to