[
https://issues.apache.org/jira/browse/OAK-4086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15177794#comment-15177794
]
Marco Piovesana edited comment on OAK-4086 at 3/3/16 1:23 PM:
--
here is the complete code:
{code:java}
File rootPath = new File("/tmp");
File driveFile = new File(rootPath, DRIVE);
File repositoryFile = new File(driveFile, REPOSITORY);
File dataStoreFile = new File(driveFile, DATASTORE);
BlobStore blobStore = new FileBlobStore(dataStoreFile.getAbsolutePath());
Repository repositoryStore =
FileStore.newFileStore(repositoryFile).withBlobStore(blobStore).create();
NodeStore nodeStore =
SegmentNodeStore.newSegmentNodeStore(repositoryStore).create();
Jcr jcr = new Jcr(nodeStore).with(new InitialContent()).with(new
CustomSecurityProviderImpl());
repository = jcr.createRepository();
Session sessionAdmin = repository.login(new SimpleCredentials("admin",
"admin".toCharArray()));
UserManager userManager = ((SessionImpl) sessionAdmin).getUserManager();
Node testfolder = sessionAdmin.getRootNode().addNode("/testfolder");
sessionAdmin.save();
Group myTestGroup = userManager.createGroup("MyUsersGroup");
sessionAdmin.save();
User newUser = userManager.createUser("marco", "password", new
UserPrincipal("marco"), null);
myTestGroup.addMember(newUser);
sessionAdmin.save();
boolean allow = AccessControlUtils.allow(testfolder,
myTestGroup.getPrincipal().getName(), new String[]{Privilege.JCR_READ});
sessionAdmin.save();
sessionAdmin.logout();
Session userSession = repository.login(new SimpleCredentials("marco",
"password".toCharArray()));
Node node = userSession.getNode("/testfolder"); //here the code fails because
the node is not found!!
{code}
i did save the changes before logging in as "marco". I'm Sorry that I didn't
mention it before.
Marco.
was (Author: iosonomarco):
here is the complete code:
{code:java}
File rootPath = "/tmp";
File driveFile = new File(rootPath, DRIVE);
File repositoryFile = new File(driveFile, REPOSITORY);
File dataStoreFile = new File(driveFile, DATASTORE);
BlobStore blobStore = new FileBlobStore(dataStoreFile.getAbsolutePath());
Repository repositoryStore =
FileStore.newFileStore(repositoryFile).withBlobStore(blobStore).create();
NodeStore nodeStore =
SegmentNodeStore.newSegmentNodeStore(repositoryStore).create();
Jcr jcr = new Jcr(nodeStore).with(new InitialContent()).with(new
CustomSecurityProviderImpl());
repository = jcr.createRepository();
Session sessionAdmin = repository.login(new SimpleCredentials("admin",
"admin".toCharArray()));
UserManager userManager = ((SessionImpl) sessionAdmin).getUserManager();
Node testfolder = sessionAdmin.getRootNode().addNode("/testfolder");
sessionAdmin.save();
Group myTestGroup = userManager.createGroup("MyUsersGroup");
sessionAdmin.save();
User newUser = userManager.createUser("marco", "password", new
UserPrincipal("marco"), null);
myTestGroup.addMember(newUser);
sessionAdmin.save();
boolean allow = AccessControlUtils.allow(testfolder,
myTestGroup.getPrincipal().getName(), new String[]{Privilege.JCR_READ});
sessionAdmin.save();
sessionAdmin.logout();
Session userSession = repository.login(new SimpleCredentials("marco",
"password".toCharArray()));
Node node = userSession.getNode("/testfolder"); //here the code fails because
the node is not found!!
{code}
i did save the changes before logging in as "marco". I'm Sorry that I didn't
mention it before.
Marco.
> Group membership not verified during permission verification
>
>
> Key: OAK-4086
> URL: https://issues.apache.org/jira/browse/OAK-4086
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: security
>Affects Versions: 1.3.16
>Reporter: Marco Piovesana
>
> I have a group called "MyUsers" containing a user called "marco". I've
> created a folder called "testfolder" with admin account and i granted read
> permission to the "MyUsers" group:
> {code:java}
> Node testfolder = adminSession.getNode("/testfolder");
> boolean allow = AccessControlUtils.allow(testfolder,
> myUsersGroup.getPrincipal(), new String[]{Privilege.JCR_READ});
> {code}
> When I login as "marco", if i try to find that folder i get an error saying
> that the folder doesn't exists (user does not have tthe permission to read
> it). It works only if I grant the READ permission directly to the user.
> {code:java}
> Session usrSession = repository.login(new SimpleCredentials("marco",
> "password".toCharArray()));
> Node node = usrSession.getNode("/testfolder"); //here the code fails because
> the node is not found!!
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
