[jira] [Comment Edited] (SLING-6423) Allow for specifying ACL merge mode (ACHandling) in repoinit
[ https://issues.apache.org/jira/browse/SLING-6423?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15823765#comment-15823765 ] Bertrand Delacretaz edited comment on SLING-6423 at 1/16/17 10:52 AM: -- Thanks very much for your contributions! I have committed your ACLOptions patch in http://svn.apache.org/r1779004 and the GeneralAclTest patch in http://svn.apache.org/1779005 - I have then modified that to use @Ignore for the tests that do not work so far, until that JCR module supports the ACLOptions, to make things more explicit. was (Author: bdelacretaz): Thanks very much for your contributions! I have committed your ACLOptions 1779004 patch in http://svn.apache.org/r1779004 and the GeneralAclTest patch in http://svn.apache.org/1779005 - I have then modified that to use @Ignore for the tests that do not work so far, until that JCR module supports the ACLOptions, to make things more explicit. > Allow for specifying ACL merge mode (ACHandling) in repoinit > > > Key: SLING-6423 > URL: https://issues.apache.org/jira/browse/SLING-6423 > Project: Sling > Issue Type: New Feature > Components: Repoinit >Reporter: Nitin Nizhawan > Attachments: SLING-6423_parser_changes.patch, > SLING-6423_testcases.patch, SLING_6423_testcasesV2.patch > > > Repoinit by default just add new ACLs if they are not already present. > By contract package manager provides various strategies for ACL merging > Extend repoinit to allow specifying these strategies > https://jackrabbit.apache.org/filevault/apidocs/org/apache/jackrabbit/vault/fs/io/AccessControlHandling.html#MERGE -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Comment Edited] (SLING-6423) Allow for specifying ACL merge mode (ACHandling) in repoinit
[ https://issues.apache.org/jira/browse/SLING-6423?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15821973#comment-15821973 ] Nitin Nizhawan edited comment on SLING-6423 at 1/14/17 5:58 AM: [~bdelacretaz] Attached patch SLING-6423_parser_changes.patch to support ACLOptions syntax in parser. Could you please review was (Author: nitin.nizhawan): [~bdelacretaz] Attached patch to support ACLOptions syntax in parser. Could you please review > Allow for specifying ACL merge mode (ACHandling) in repoinit > > > Key: SLING-6423 > URL: https://issues.apache.org/jira/browse/SLING-6423 > Project: Sling > Issue Type: New Feature > Components: Repoinit >Reporter: Nitin Nizhawan > Attachments: SLING-6423_parser_changes.patch, > SLING-6423_testcases.patch, SLING_6423_testcasesV2.patch > > > Repoinit by default just add new ACLs if they are not already present. > By contract package manager provides various strategies for ACL merging > Extend repoinit to allow specifying these strategies > https://jackrabbit.apache.org/filevault/apidocs/org/apache/jackrabbit/vault/fs/io/AccessControlHandling.html#MERGE -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Comment Edited] (SLING-6423) Allow for specifying ACL merge mode (ACHandling) in repoinit
[ https://issues.apache.org/jira/browse/SLING-6423?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15821973#comment-15821973 ] Nitin Nizhawan edited comment on SLING-6423 at 1/14/17 5:58 AM: [~bdelacretaz] Attached patch SLING\-6423_parser_changes.patch to support ACLOptions syntax in parser. Could you please review was (Author: nitin.nizhawan): [~bdelacretaz] Attached patch SLING-6423_parser_changes.patch to support ACLOptions syntax in parser. Could you please review > Allow for specifying ACL merge mode (ACHandling) in repoinit > > > Key: SLING-6423 > URL: https://issues.apache.org/jira/browse/SLING-6423 > Project: Sling > Issue Type: New Feature > Components: Repoinit >Reporter: Nitin Nizhawan > Attachments: SLING-6423_parser_changes.patch, > SLING-6423_testcases.patch, SLING_6423_testcasesV2.patch > > > Repoinit by default just add new ACLs if they are not already present. > By contract package manager provides various strategies for ACL merging > Extend repoinit to allow specifying these strategies > https://jackrabbit.apache.org/filevault/apidocs/org/apache/jackrabbit/vault/fs/io/AccessControlHandling.html#MERGE -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Comment Edited] (SLING-6423) Allow for specifying ACL merge mode (ACHandling) in repoinit
[ https://issues.apache.org/jira/browse/SLING-6423?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15768903#comment-15768903 ] Nitin Nizhawan edited comment on SLING-6423 at 1/2/17 11:23 AM: It seems current repoinit implementation just adds ACEs to ACLs if those ACEs didn't already exist. Whereas behaviour of merge and merge_preserve is based on principals \[0\]. For example given existing ACLs as {code} ALLOW bob rep:write ALLOW alice jcr:read {code} New ACL {code} ALLOW bob rep:write ALLOW bob crx:replicate ALLOW alice jcr:read {code} When merged will have following resutls 1. Using repoinit {code} ALLOW bob rep:write ALLOW alice jcr:read ALLOW bob crx:replicate {code} 2. Using merge ACHandling {code} ALLOW bob rep:write,crx:replicate ALLOW alice jcr:read {code} 3. Using merge_preserve ACHandling {code} ALLOW bob rep:write ALLOW alice jcr:read {code} \[0\] https://github.com/apache/jackrabbit-filevault/blob/4528e3ebb851377e37f46fc7cac411d12520ace6/vault-core/src/main/java/org/apache/jackrabbit/vault/fs/impl/io/JackrabbitACLImporter.java#L277 Thanks Nitin was (Author: nitin.nizhawan): It seems current repoinit implementation just adds ACEs to ACLs if those ACEs didn't already exist. Whereas behaviour of merge and merge_preserve is based on principals \[0\]. For example given existing ACLs as {code} ALLOW bob rep:write ALLOW alice jcr:read {code} New ACL {code} ALLOW bob rep:write ALLOW bob crx:replicate ALLOW alice jcr:read {code} When merged will have following resutls 1. Using repoinit {code} ALLOW bob rep:write ALLOW alice jcr:read ALLOW bob crx:replicate {code} 2. Using merge ACHandling {code} ALLOW bob rep:write ALLOW bob crx:replicate ALLOW alice jcr:read {code} 3. Using merge_preserve ACHandling {code} ALLOW bob rep:write ALLOW alice jcr:read {code} \[0\] https://github.com/apache/jackrabbit-filevault/blob/4528e3ebb851377e37f46fc7cac411d12520ace6/vault-core/src/main/java/org/apache/jackrabbit/vault/fs/impl/io/JackrabbitACLImporter.java#L277 Thanks Nitin > Allow for specifying ACL merge mode (ACHandling) in repoinit > > > Key: SLING-6423 > URL: https://issues.apache.org/jira/browse/SLING-6423 > Project: Sling > Issue Type: New Feature > Components: Repoinit >Reporter: Nitin Nizhawan > > Repoinit by default just add new ACLs if they are not already present. > By contract package manager provides various strategies for ACL merging > Extend repoinit to allow specifying these strategies > https://jackrabbit.apache.org/filevault/apidocs/org/apache/jackrabbit/vault/fs/io/AccessControlHandling.html#MERGE -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Comment Edited] (SLING-6423) Allow for specifying ACL merge mode (ACHandling) in repoinit
[ https://issues.apache.org/jira/browse/SLING-6423?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15768903#comment-15768903 ] Nitin Nizhawan edited comment on SLING-6423 at 1/2/17 10:01 AM: It seems current repoinit implementation just adds ACEs to ACLs if those ACEs didn't already exist. Whereas behaviour of merge and merge_preserve is based on principals \[0\]. For example given existing ACLs as {code} ALLOW bob rep:write ALLOW alice jcr:read {code} New ACL {code} ALLOW bob rep:write ALLOW bob crx:replicate ALLOW alice jcr:read {code} When merged will have following resutls 1. Using repoinit {code} ALLOW bob rep:write ALLOW alice jcr:read ALLOW bob crx:replicate {code} 2. Using merge ACHandling {code} ALLOW bob rep:write ALLOW bob crx:replicate ALLOW alice jcr:read {code} 3. Using merge_preserve ACHandling {code} ALLOW bob rep:write ALLOW alice jcr:read {code} \[0\] https://github.com/apache/jackrabbit-filevault/blob/4528e3ebb851377e37f46fc7cac411d12520ace6/vault-core/src/main/java/org/apache/jackrabbit/vault/fs/impl/io/JackrabbitACLImporter.java#L277 Thanks Nitin was (Author: nitin.nizhawan): It seems current repoinit implementation just adds ACEs to ACLs if those ACEs didn't already exist. Whereas behaviour of merge and merge_preserve is based on principals \[0\]. For example given existing ACLs as {code} ALLOW bob rep:write ALLOW alice jcr:read {code} New ACL {code} ALLOW bob rep:write ALLOW bob cq:replicate ALLOW alice jcr:read {code} When merged will have following resutls 1. Using repoinit {code} ALLOW bob rep:write ALLOW alice jcr:read ALLOW bob cq:replicate {code} 2. Using merge ACHandling {code} ALLOW bob rep:write ALLOW bob cq:replicate ALLOW alice jcr:read {code} 3. Using merge_preserve ACHandling {code} ALLOW bob rep:write ALLOW alice jcr:read {code} \[0\] https://github.com/apache/jackrabbit-filevault/blob/4528e3ebb851377e37f46fc7cac411d12520ace6/vault-core/src/main/java/org/apache/jackrabbit/vault/fs/impl/io/JackrabbitACLImporter.java#L277 Thanks Nitin > Allow for specifying ACL merge mode (ACHandling) in repoinit > > > Key: SLING-6423 > URL: https://issues.apache.org/jira/browse/SLING-6423 > Project: Sling > Issue Type: New Feature > Components: Repoinit >Reporter: Nitin Nizhawan > > Repoinit by default just add new ACLs if they are not already present. > By contract package manager provides various strategies for ACL merging > Extend repoinit to allow specifying these strategies > https://jackrabbit.apache.org/filevault/apidocs/org/apache/jackrabbit/vault/fs/io/AccessControlHandling.html#MERGE -- This message was sent by Atlassian JIRA (v6.3.4#6332)