exist icon indicating copy to clipboard operation
exist copied to clipboard
verified publisher icon eXist-db

[BUG] attempting to read permissions leads to permission denied exception

Open line-o opened this issue 3 years ago • 0 comments

Describe the bug

When a db user attempts to read the permissions for a resource that they are not allowed to access the query will throw with a PermissionDeniedException.

This is problematic when listing the contents of a collection that this user has access to. Simply iterating over the collection contents and listing the permissions of each entry will eventually throw.

Expected behavior

Permissions of each entry in a collection a user has access to to be readable.

To Reproduce

xquery version "3.1";

module namespace t="http://exist-db.org/xquery/test";

declare namespace test="http://exist-db.org/xquery/xqsuite";

declare
    %test:setUp
function t:setup() {
    xmldb:login("guest", "guest")
};

declare
    %test:tearDown
function t:tearDown() {
  (: logout guest? :)
};

declare
    %test:assertTrue
function t:test() {
    exists(sm:get-permissions('/db/system/security')/sm:permission)
};

Context (please always complete the following information):

  • eXist-db version: [e.g. 5.1.1] 6.0.1-SNAPSHOT
  • Java Version [e.g. Java8u121] java8u312

Additional context

  • How is eXist-db installed? [e.g. JAR installer, DMG, … ] built from source
  • Any custom changes in e.g. conf.xml? none

line-o avatar Feb 13 '22 11:02 line-o