From: Loren C. <lor...@gm...> - 2010-08-29 20:49:51
You need read access to the parent collection to get to the resource at all. It is redundant to check the read permission of the parent collection. There were three items being checked: creation date-time, last update date-time and resource size. This change had to be done to the XML resource and the binary resource.

I also see the point about changing in two places. There is little reason to have the implementation of getCreationTime(), getLastModificationTime(), and getContentLength() in the two concrete classes. There is an abstract method for all three of these in AbstractExistResource and the implementations are nearly identical and could be. There is also the check in LocalBinaryResource for:

    if (isNewResource)
        throw new XMLDBException(ErrorCodes.INVALID_RESOURCE, "The resource has not yet been stored");

and that is not in LocalXMLResource.

I will move these three methods' implementation up to AbstractExistResource and test to see if there are any changes to the system.

Loren

On Aug 29, 2010, at 03:20 PM, Dmitriy Shabanov wrote:

> Why did you remove all security checks? I did show to you that there
> must be one, on parent collection permissions.
>
> Another why: if you change one interface functional, you must do same
> changes to others!