Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-18212

Make more info available to per-blob security policies

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 7.4
    • Fix Version/s: 7.10
    • Component/s: Core

      Description

      The security policies introduced in NXP-17933 need to get as much info as possible from the origin of the blob whose download permission is being checked.

      For instance, when downloading a PDF conversion, we should propagate the XPath of the original blob.

      In addition, the various Restlet-based downloads (preview, contentDiff, etc.) must also be protected by the download service checks.

        Attachments

          Issue Links

          depends on

          New Feature - A new feature of the product, which has yet to be developed. NXP-17933 Allow downloads to get per-blob security policies (download permissions)

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          is duplicated by

          Improvement - An improvement or enhancement to an existing feature or task. NXP-16544 Upgrade org.javassist:javassist to 3.19.0-GA

          • Major - Major loss of function.
          • Resolved
          is required by

          Improvement - An improvement or enhancement to an existing feature or task. NXP-18237 Allow use of Java 8 lambdas in Seam beans

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: