[ https://issues.apache.org/jira/browse/OAK-7937?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Davide Giannella updated OAK-7937: ---------------------------------- Fix Version/s: (was: 1.10.0) > Implement CugAccessControlManager.getEffectivePolicies(Set<Principal> > principals) > --------------------------------------------------------------------------------- > > Key: OAK-7937 > URL: https://issues.apache.org/jira/browse/OAK-7937 > Project: Jackrabbit Oak > Issue Type: Improvement > Reporter: angela > Assignee: Alex Deparvu > Priority: Major > Fix For: 1.12 > > > today CugAccessControlManager.getEffectivePolicies(Set<Principal> principals) > returns an empty array and has a comment stating that this is not implemented. > having thought this through again, i think there was some benefit in having > the implementation. as long as the given set of principal does NOT include > everyone the return value should just include the CUG-policies that > explicitly list any of principals. IF _everyone_ was part of the set, the > return-value basically includes _all_ CUG-policies, because every CUG will > deny read-access for everyone except for the principals explicitly listed in > the CUG-policy... if we do the latter as lazy as possible it might still be > doable even in a scenario, when there are tons of CUG-policies specified. > [~stillalex], wdyt? do you want to take care of this? -- This message was sent by Atlassian JIRA (v7.6.3#76005)