[REPO-855] o.h.r.j.XASessionImpl doesn't override JCR 2.0 javax.jcr.Session#hasPermission method - Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: High
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.26.00-alpha-1, 2.26.00
Component/s: None
Labels:
- 7.9-tp

Sprint:
Sprint 69

Description

The boolean Session.hasPermission(String, String) method was added to JCR 2.0, but isn't intercepted by the Hippo XASessionImpl.

This means that custom permissions checks like hasPermission(<itemPath>, "hippo:editor") will always result in an IllegalArgumentException being thrown by the underlying jackrabbit SessionImpl, like for example the below stacktrace shows:

java.lang.IllegalArgumentException: Unknown actions: [hippo:editor]
at org.apache.jackrabbit.core.SessionImpl.hasPermission(SessionImpl.java:1200)
at org.hippoecm.repository.decorating.SessionDecorator.hasPermission(SessionDecorator.java:375)
at org.hippoecm.repository.impl.WorkflowManagerImpl.checkWorkflowPermission(WorkflowManagerImpl.java:227)
at org.hippoecm.repository.impl.WorkflowManagerImpl.getWorkflowNode(WorkflowManagerImpl.java:157)
at org.hippoecm.repository.impl.WorkflowManagerImpl.getWorkflow(WorkflowManagerImpl.java:351)

(note: the above reported hasPermission call in the stacktrace was injected by myself locally to test this out; the current WorkflowManagerImpl of course uses checkPermission.)

The fix should be simple: just adding the hasPermission method override similar to the checkPermission method

Attachments

Activity

People

Assignee:: Junaidh Kadhar Sheriff

Reporter:: Ate Douma (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 03/Dec/13 10:10 PM

Updated:: 24/Dec/13 3:16 PM

Resolved:: 24/Dec/13 3:16 PM