[dna-issues] [JBoss JIRA] Updated: (DNA-399) Need to Add Session.checkPermission Calls to Guard Read, Add Node, Set Property, and Remove Item Access

[ https://jira.jboss.org/jira/browse/DNA-399?page=com.atlassian.jira.plugin... ] Brian Carothers updated DNA-399: -------------------------------- Attachment: DNA-399_forum_feedback.patch Attached patch that incorporates the feedback-to-date from the forum topic. An additional "admin" role is added and security checks for permanently registering and unregistering types and namespaces were added that check for this role. The admin role is a superset of the readwrite role, which is itself a superset of the readonly role. The pattern for mapping roles was changed to be <role name>[.<repository name>[.<workspace name>]] instead of <role name>[.<workspace name>]. Finally, JcrRepository.login was modified to not allow users to log into workspaces to which they do not have at least readonly access. JcrWorkspace.getAccessibleWorkspaceNames() was also modified to filter out workspace names to which the user does not have at least readonly access. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira