Details
-
Bug
-
Status: Closed
-
Normal
-
Resolution: Fixed
-
None
-
None
-
None
Description
A specific edge-case which currently isn't properly handled yet is when at runtime (e.g. in the console) a specific hierarchical white list facet rule is deleted.
The handling in QFacetRuleStateManager.getReferenceUUID(String facetRuleUUID) now returns a null value in two cases:
- the path for the facetRuleUUID no longer exists (node is deleted, cached uuid entry removed through its processDestroyedId() event handling method), or
- the node referenced by the facet Rule (jcr:uuid or jcr:path) no longer exists
The current handling in HippoAccessManager.updateReferenceFacetRules() doesn't cater for this distinction and only assumes the 2nd case (logging an error and then continues/ignores the fact).
Naively 'fixing' this by excluding the facet rule (by marking it defunct) for subsequent initializeImplicitReadAccess() however might be dangerous, as potentially this might suddenly 'expose' a far wider (no longer path/hierarchy constrained) read access for current logged in users.
This needs thorough investigation and verification how (or if) we can/should support this.
Attachments
Issue Links
- is a part of
-
REPO-2215 Support hierarchical domain constraint on not (yet) existing paths
-
- Closed
-