[REPO-2277] Users marked as system user get incorrectly a 'match all doc' authorization query - Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: High
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 14.0.0
Component/s: None
Labels:
None

Epic Link:
Security Domain Refactoring

Description

Although of course the HippoAccessManager would never pass a node that is not allowed to be read, the authorization query should always be in sync with the HippoAccessManager

However a mistake was committed where jcr sessions that were marked as system user were treated as JCR System Sessions.
This is confusing: A User can be marked system, but this is something completely else than being a JCR System Session.
Follow-up issue ~~REPO-2278~~ will address the confusion, this issue fixes the resulting bug.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Ard Schrijvers

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 25/Oct/19 11:36 PM

Updated:: 26/Oct/19 12:34 PM

Resolved:: 26/Oct/19 12:34 PM