JCRVLT-522 check effect of filter rules on ACLs #162
Conversation
kwin
force-pushed
the
feature/JCRVLT-522-filter-rules-for-autorizables-acls
branch
from
75df2a2 to
43f4a19
Compare
|
I fail to reproduce installation of ACLs not contained in the filter. @anchela Can you come up with a test case? |
|
@tripodsan In general filter rules seem to be followed except for one edge case. What is the idea of If so do you consider Importer.postFilter errorneous as it does not correctly filter out artifacts which are below a contained node (but excluded)? |
I think it is used to find the TXInfo hierarchy that is covered by the filter.... maybe :-)
I don't think this will lead to errors. AFAIR, this is only the preliminary scan. the nodes are filtered again when traversing. but I might be wrong. it was a long time ago, when this code was created :-) |
|
Look at the test case: It leads to some ACLs being applied although outside the filter, because no subsequent filtering happens. Bug or Feature? |
I would say, if the effective ACL on one of the items included in the filter is affected, then the ACL should be applied. all ACLs that are not covered in the filter and do not affect the items in the covered tree should not be modified. |
I can follow your argument, but this is not how it works right now. I would like to first clarify how to deal with row 2 in the description table of https://issues.apache.org/jira/browse/JCRVLT-522, before thinking about installing ACLs for more cases not contained in the filter. |
|
Kudos, SonarCloud Quality Gate passed! |
ancestor of a filter nor contained in it
kwin
force-pushed
the
feature/JCRVLT-522-filter-rules-for-autorizables-acls
branch
from
3b78195 to
656a321
Compare
|
@reschke Do we again need to introduce a flag for backwards-compatibility where ACLs are applied in some edge cases despite not being contained in the filter? |
|
If there is no further concern I would go ahead and merge at the end of this week. |
No description provided.