angela created OAK-8388: --------------------------- Summary: AccessControlManagerImpl.getEffectivePolicies(Set): Insufficicient validator of query results Key: OAK-8388 URL: https://issues.apache.org/jira/browse/OAK-8388 Project: Jackrabbit Oak Issue Type: Bug Components: core, security Reporter: angela Assignee: angela
when searching for effective policies by a given set of principals, the query limits the results to trees of type rep:ACE. upon processing the query result the code asserts that the result set doesn't contain any kind of isolated access control entries that are not located within a ACL... but only checks for the acl-tree name being empty and not whether it matches the names mandated by this implementation. -- This message was sent by Atlassian JIRA (v7.6.3#76005)