cql_filter_write not fully enforced on updates

[dispiste]

Steps to reproduce

1. Define a rule in Geoserver-ACL:

   cql_filter_write: tipo = 5

2. Insert a feature in Geoserver, using WFS, with tipo = 4 .

   • Result: Rejected (expected).

3. Insert a feature with tipo = 5.

4. Update this feature, changing tipo from 5 to 4.

   • Result: Accepted (unexpected).

Actual behavior

The rule only validates the original value of the feature during an update, not the new value.

Expected behavior

Both the original and updated values should be validated against cql_filter_write, otherwise restricted values can be inserted indirectly (insert + update).

[groldan]

Thanks for the report @dispiste

In #90 I've added a baterry of tests for WFS/ACL interaction.

In particular, Transactiontest.testUpdateWithCqlWriteRule_newValueInvalid() reproduces this issue.

However, it's not enforceable by ACL itself, but a deeper GeoServer issue:

• ACLResourceAccessManager.buildVectorAccessLimits() correctly creates the VectorAccessLimits
• SecuredFeatureLocking.modifyFeatures() and SecuredFeatureStore.modifyFeatures() (both GeoServer decorators) receive the attribute names and values to set based on a filter, apply the filter to the "source" features, but do not validate the names/values arrays comply with the VectorAccessLimits.getWriteFilter()