Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-17371

Elasticsearch query should take in account custom NXQL Security Policy

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 6.0, 7.2
    • Fix Version/s: 6.0-HF16, 7.4
    • Component/s: Elasticsearch

      Description

      Custom security policies that are expressible in query should be taken in account by Elasticsearch query.
      Even if the unauthorized documents are not loaded this can create wrong pagination and expose unauthorized documents counts via aggregation.

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: