[NXP-13109] Possible ACLR cache corruption on SQLServer - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 5.6.0-HF26, 5.7.3, 5.8
Fix Version/s: 5.6.0-HF27, 5.8.0-HF01, 5.9.1
Component/s: Core VCS

Tags:
- read_acl

Description

In certain condition the ACLR cache of a user can be invalid.
But Invalid in a safe way, the user will not see content that it is allowed to see on search results.

This happens in the following case:

a user U1 set an ACL on a document and generate a new read ACL (ACLR A)
someone change the ACL on the previous document, the ACLR A is still present in the ACLR table
another user U2 log in and performs some NXQL that initialize its ACLR cache
someone set an ACL and generate again ACLR A, that already exists on the ACLR table
the ACLR cache for the user U2 is not updated with the ACLR A because there is no insert in the ACLR table

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

nuxeo-core-storage-sql-5.8-NXP-13109.jar
579 kB
2013-11-06 12:21
nuxeo-core-storage-sql-5.7.3-NXP-13109.jar
579 kB
2013-11-06 12:18

Activity

People

Assignee:

Benoit Delbosc

Reporter:

Benoit Delbosc

Participants:

Benoit Delbosc, Jenkins

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

2013-11-06 10:45

Updated:

2013-11-06 14:04

Resolved:

2013-11-06 13:17