[REPO-1512] [Backport 7.9] Make query results more resilient to not break on unauthorized results but skip them - Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: High
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 7.9-jackrabbit-paches-h11
Component/s: None
Labels:
None

Sprint:
Platform Sprint 132, Platform Sprint 133

Description

When iterating through the nodes in a query result via

javax.jcr.query.QueryResult queryResult = ...;
for (Node node : new NodeIterable(queryResult.getNodes())) {
        System.out.println(node.getPath());
}

It will always work since in case a node in the search result is unauthorized (should normally not happen), it still gets skipped by org.apache.jackrabbit.core.query.lucene.NodeIteratorImpl (and only a warning is logged). Since search results are non-transactional, this (an unauthorized node during iteration being skipped) can always happen even without the authorization query.

If however, instead of queryResult.getNodes(), you use

javax.jcr.query.QueryResult queryResult = ...;
 while (rows.hasNext()) {
         final Row row = rows.nextRow();
         final Value[] values = row.getValues();
}

the code above throws a repository exception on 'row.getValues()' if the backing jcr node cannot be read (unauthorized).
We should in jackrabbit RowIteratorImpl first fetch the node and log a warning if it is not allowed to be read.

Attachments

Issue Links

clones

REPO-1498 Make query results more resilient to not break on unauthorized results but skip them

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Ard Schrijvers

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 22/Jun/16 3:51 PM

Updated:: 29/Jun/16 4:07 PM

Resolved:: 22/Jun/16 4:24 PM