Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-15970

Allow ACL-related queries from NXQL

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.0-HF06, 7.2
    • Component/s: Core, Core VCS
    • Tags:
    • Upgrade notes:
      Hide

      Queries on ACLs can be done using the pseudo-list properties:

      ecm:acl/*/principal : the user or group
      ecm:acl/*/permission : the permission
      ecm:acl/*/grant : true/false (1/0) for grant/deny
      ecm:acl/*/name : the ACL name
      ecm:acl/*/pos : the position (VCS only)

      Like for all lists, the * should be suffixed by a correlation integer if several references to the same access control entry are done.

      Show
      Queries on ACLs can be done using the pseudo-list properties: ecm:acl/*/principal : the user or group ecm:acl/*/permission : the permission ecm:acl/*/grant : true/false (1/0) for grant/deny ecm:acl/*/name : the ACL name ecm:acl/*/pos : the position (VCS only) Like for all lists, the * should be suffixed by a correlation integer if several references to the same access control entry are done.
    • Sprint:
      Sprint RepoTeam 7.1-1

      Description

      We need a way to add ACL-related clauses to NXQL.

      Example of suggested syntax:

      SELECT * FROM Document WHERE ecm:acl/*1/name = 'local' and ecm:acl/*1/grant = 0
      SELECT * FROM Document WHERE ecm:acl/*/principal = 'bob'

      Note that the goal is not to find all documents to which given permissions apply, but just those on which a specific ACL is set. In other words it doesn't do inheritance (which needs optimized indexes like the one we have for Browse).

        Attachments

          Issue Links

          is required by

          Sub-task - The sub-task of the issue NXP-17431 Allow to use creator, begin and end in ACL-related queries

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. NXP-15439 MongoDB fixes

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. NXP-16488 Allow ACL-related queries from NXQL on MongoDB

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: