-
1. Re: Problem when using long-lived sessions, ACLs and events together
hchiorean Dec 12, 2014 5:06 AM (in response to jacobilsoe)As long as after step 3 user A calls session.save() - i.e. making the policy changes visible - this is not the expected behavior. Once the policy has changed and the node is accessible to the other session (B), this should receive the events.
If you can reproduce this behavior in a test case, feel free to open a JIRA. Thanks.
-
2. Re: Problem when using long-lived sessions, ACLs and events together
jacobilsoe Dec 12, 2014 6:18 AM (in response to hchiorean)I have investigated this a bit further and the change is rejected in org.modeshape.jcr.JcrObservationManager.ChangeSetConverter.shouldRejectChange because the long-lived session does not have read permission to the changed node.
I'll look into reproducing.
-
3. Re: Problem when using long-lived sessions, ACLs and events together
hchiorean Dec 12, 2014 6:23 AM (in response to jacobilsoe)You're correct: that part of the code validates that the session to which the listener belongs, has READ permissions on the parent path of the change. This is the reason why I asked the previous question: as long as the other session changes the ACLs so that the previous statement is true and saves those changes, they should become accessible to the first session.
-
4. Re: Problem when using long-lived sessions, ACLs and events together
jacobilsoe Dec 12, 2014 9:02 AM (in response to hchiorean)I've tried adding a test in JcrObservationManagerTest but so far I haven't been able to reproduce. Then I wanted to tweak some existing ACL tests but couldn't find any. Are there no ACL tests?
-
6. Re: Problem when using long-lived sessions, ACLs and events together
jacobilsoe Dec 15, 2014 4:42 AM (in response to hchiorean)I was more thinking tests that involve both ACLs and events. Specifically tests that cover the code around org.modeshape.jcr.JcrObservationManager.ChangeSetConverter.shouldRejectChange.
I just tried downgrading to 4.0.0 and here things work as expected.
-
7. Re: Problem when using long-lived sessions, ACLs and events together
hchiorean Dec 15, 2014 5:07 AM (in response to jacobilsoe)We don't have any dedicated tests for the combination of Events & ACLs, which is why I asked for a test case in the first place. Using the examples from the previous links it shouldn't be difficult to create such a test case.
Also, you don't necessarily have to create a Unit Test (JUnit) which integrates out-of-the-box with out tests. Any runnable piece of code (e.g. separate maven module/project) is enough, as long as it reproduces the issue.
-
8. Re: Problem when using long-lived sessions, ACLs and events together
hchiorean Dec 17, 2014 9:40 AM (in response to jacobilsoe)I created & ran a test case based on your description and it runs fine (remember that when dealing with node events permissions are checked on the parent node and while dealing with property events permissions are checked on the owning node). You can see the test case here: https://github.com/hchiorean/modeshape/blob/observation-acl/modeshape-jcr/src/test/java/org/modeshape/jcr/JcrObservationManagerTest.java#L2302
You can use that as a base to try reproducing your issue
-
9. Re: Problem when using long-lived sessions, ACLs and events together
jacobilsoe Dec 17, 2014 4:02 PM (in response to hchiorean)Thanks a lot for taking time to write a test case. I will have a look and try to fit it to the issue I am experiencing.