Details
Bug
Status: Closed
Top
Resolution: Won't Fix
Description
Currently, it seems like the security access checking works inconsistently.
For example, even though the 'editor' user doesn't have read access to /preview/hst:content/, the user can read a child node, /preview/hst:content/news/.
If we think of the JCR repository node structure as having an access control mechanism similar to a file system's, this symptom looks very strange.
In file systems, normally, if a user is not allowed to read a parent folder, it implies that the user shouldn't be allowed to read any child nodes of that folder by default.
Please review this and decide whether this symptom is a repository implementation feature or a problem that should be fixed later.
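The mismatch described above can be modeled and audited. The following is an added example, not code from the repository or from this report. It assumes a constructed rule set in which the closest per-node rule decides access, and compares that with file-system-style evaluation, where every ancestor must also be readable. The function names, and every path other than the two /preview/hst:content paths, are hypothetical.

```python
from typing import Dict, List, Optional

# Constructed read rules for user 'editor' (True = allow, False = deny).
# Only the two /preview/hst:content paths come from the report; the rest is assumed.
EDITOR_RULES: Dict[str, bool] = {
    "/": True,
    "/preview": True,
    "/preview/hst:content": False,
    "/preview/hst:content/news": True,
}

def ancestors(path: str) -> List[str]:
    """Return '/', then each ancestor of path, ending with path itself."""
    parts = [p for p in path.strip("/").split("/") if p]
    return ["/"] + ["/" + "/".join(parts[:i]) for i in range(1, len(parts) + 1)]

def nearest_rule(path: str, rules: Dict[str, bool]) -> bool:
    """Per-node model (assumed): the closest rule on the path decides; default deny."""
    for node in reversed(ancestors(path)):
        if node in rules:
            return rules[node]
    return False

def filesystem_style(path: str, rules: Dict[str, bool]) -> bool:
    """File-system model: every ancestor and the node itself must be readable."""
    return all(nearest_rule(node, rules) for node in ancestors(path))

def first_blocking_ancestor(path: str, rules: Dict[str, bool]) -> Optional[str]:
    """Return the first unreadable ancestor of a node that is itself readable."""
    if not nearest_rule(path, rules):
        return None
    for node in ancestors(path)[:-1]:
        if not nearest_rule(node, rules):
            return node
    return None

def audit(paths: List[str], rules: Dict[str, bool]) -> Dict[str, str]:
    """Map each readable node to the unreadable ancestor above it, if any."""
    found = {}
    for p in paths:
        blocker = first_blocking_ancestor(p, rules)
        if blocker:
            found[p] = blocker
    return found

if __name__ == "__main__":
    print(audit(["/preview", "/preview/hst:content", "/preview/hst:content/news"], EDITOR_RULES))
```

Any path that `audit` reports is one where the two models disagree, which is the set of nodes to review when deciding whether a child-level grant below a denied parent is intended.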