XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.0
    • Epic Link:
    • Tags:
    • Impact type:
      API change
    • Upgrade notes:
      Hide

      Negative ACLs are now disallowed by default. They can be re-enabled in VCS by setting the following property in nuxeo.conf:

      nuxeo.security.allowNegativeACL=true

      (however note that this is incompatible with Elasticsearch indexing). For DBS they cannot be enabled as the storage model doesn't allow them.

      New API added:

      CoreSession.isNegativeAclAllowed()

      This can be used to check whether the current session allows negative ACLs. Negative ACLs are ACLs that include an ACE with a deny (isGranted=false). This does not include the full-blocking ACE for Everyone/Everything, which is always allowed.

      Convenience constructor added:

      ACE(username, permission): constructs an ACE for a given username and permission.

      Convenience constant added:

      ACE.BLOCK: an ACE that blocks all permissions for everyone.

      Show
      Negative ACLs are now disallowed by default. They can be re-enabled in VCS by setting the following property in nuxeo.conf: nuxeo.security.allowNegativeACL=true (however note that this is incompatible with Elasticsearch indexing). For DBS they cannot be enabled as the storage model doesn't allow them. New API added: CoreSession.isNegativeAclAllowed() This can be used to check whether the current session allows negative ACLs. Negative ACLs are ACLs that include an ACE with a deny (isGranted=false). This does not include the full-blocking ACE for Everyone/Everything, which is always allowed. Convenience constructor added: ACE(username, permission): constructs an ACE for a given username and permission. Convenience constant added: ACE.BLOCK: an ACE that blocks all permissions for everyone.
    • Sprint:
      Sprint RepoTeam 5.9.5-1, Sprint RepoTeam 5.9.5-2

      Description

      Implement an ACL model where a document's effective ACLs are only positive ACLs.

      This is possible if the only possible blocking is everything.

      This allows a number of low-level optimisations, and allows ACL checks to be just a set intersection. This also allows a model more compatible with cloud storage, where the access to a document is controlled by just a list of allowed identities.

      1. flag in Nuxeo to enable this mode
      2. checks that no blocking ACLs are set against the rules
      3. low-level optimizations in VCS

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: