[
https://issues.apache.org/jira/browse/OAK-7323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16391456#comment-16391456
]
Konrad Windszus commented on OAK-7323:
--------------------------------------
yes, you are right, but still it is maybe not obvious without the additional
logging why this is not possible.
> Log some warning or even throw some exception when trying to add "everyone"
> as member to other groups or add user/groups to "everyone"
> ---------------------------------------------------------------------------------------------------------------------------------------
>
> Key: OAK-7323
> URL: https://issues.apache.org/jira/browse/OAK-7323
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: core, security
> Affects Versions: 1.6.10
> Reporter: Konrad Windszus
> Priority: Trivial
> Fix For: 1.10
>
>
> Currently it is not allowed to extend the group {{everyone}} by putting it as
> member to another group. The other way is prevented as well (i.e. putting
> some group or user as member of the {{everyone}} group) as every other
> principal is by default member of {{everyone}}. Extending the {{everyone}}
> group would therefore lead to cycles. Although this is correctly prevented in
> the code
> (https://github.com/apache/jackrabbit/blob/adb1e79ae26aba5d068be56e5e9eb562344e5bb9/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/GroupImpl.java#L156)
> this is not noticed by the called.
> I would instead suggest to fail more loudly by throwing an exception or at
> least log a warning.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
