Uploaded image for project: '[Read Only] - Hippo Repository'
  1. [Read Only] - Hippo Repository
  2. REPO-855

o.h.r.j.XASessionImpl doesn't override JCR 2.0 javax.jcr.Session#hasPermission method

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: High
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.26.00-alpha-1, 2.26.00
    • Component/s: None
    • Labels:
    • Similar issues:
    • Sprint:
      Sprint 69

      Description

      The boolean Session.hasPermission(String, String) method was added to JCR 2.0, but isn't intercepted by the Hippo XASessionImpl.

      This means that custom permissions checks like hasPermission(<itemPath>, "hippo:editor") will always result in an IllegalArgumentException being thrown by the underlying jackrabbit SessionImpl, like for example the below stacktrace shows:

      java.lang.IllegalArgumentException: Unknown actions: [hippo:editor]
      at org.apache.jackrabbit.core.SessionImpl.hasPermission(SessionImpl.java:1200)
      at org.hippoecm.repository.decorating.SessionDecorator.hasPermission(SessionDecorator.java:375)
      at org.hippoecm.repository.impl.WorkflowManagerImpl.checkWorkflowPermission(WorkflowManagerImpl.java:227)
      at org.hippoecm.repository.impl.WorkflowManagerImpl.getWorkflowNode(WorkflowManagerImpl.java:157)
      at org.hippoecm.repository.impl.WorkflowManagerImpl.getWorkflow(WorkflowManagerImpl.java:351)

      (note: the above reported hasPermission call in the stacktrace was injected by myself locally to test this out; the current WorkflowManagerImpl of course uses checkPermission.)

      The fix should be simple: just adding the hasPermission method override similar to the checkPermission method

        Attachments

          Activity

            People

            • Assignee:
              jsheriff Junaidh Kadhar Sheriff
              Reporter:
              adouma Ate Douma
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: