-
Type: Sub-task
-
Status: Open
-
Priority: Minor
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: QualifiedToSchedule
-
Component/s: Core
-
Tags:
Context
BulkLifeCycleChangeListener is used to apply lifecycle changes on a sub tree.
As a result : it is used when putting a Document to trash or restoring it.
As reported in SUPNXP-9785, with the current system, you can end up putting in trash a subtree containing folders that you don't have access to.
This can be seen as a problem.
Approach
To solve this we can not do a full tree pre-check : this would be too slow.
However, an option could be to do the LifeCycle transition from bottom to up and checking security "on behalf" of users for each node.
If want to perform the check for complete deletion use case, this logic will have to be implemented at SQL level