Describe the bug
ACL can't be owned by a GrantedAuthoritySid
To Reproduce
As user with a role named TEST, after successfully changing an ACL ownership in this way:
acl.setOwner(new GrantedAuthoritySid("ROLE_TEST"));
aclService.updateAcl(acl);
I can't perform further modifications to the ACL (eg. changing back the ownership to me).
see:
https://github.com/spring-projects/spring-security/blob/master/acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java#L92
Expected behavior
Any user with ROLE_TEST granted authority should be able to change the ACL.
Describe the bug
ACL can't be owned by a GrantedAuthoritySid
To Reproduce
As user with a role named TEST, after successfully changing an ACL ownership in this way:
I can't perform further modifications to the ACL (eg. changing back the ownership to me).
see:
https://github.com/spring-projects/spring-security/blob/master/acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java#L92
Expected behavior
Any user with ROLE_TEST granted authority should be able to change the ACL.