This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/sling-site.git
The following commit(s) were added to refs/heads/asf-site by this push:
new 7661583 Automatic website deployment
7661583 is described below
commit 76615832c4ba28f3ef50c4cb40122f485b00e5bb
Author: jenkins <[email protected]>
AuthorDate: Fri Sep 20 08:52:55 2019 +0000
Automatic website deployment
---
.../bundles/repository-initialization.html | 50 +++++++++++++++++++++-
1 file changed, 49 insertions(+), 1 deletion(-)
diff --git a/documentation/bundles/repository-initialization.html
b/documentation/bundles/repository-initialization.html
index 0400bea..c97ab2e 100644
--- a/documentation/bundles/repository-initialization.html
+++ b/documentation/bundles/repository-initialization.html
@@ -198,6 +198,54 @@
set repository ACL for alice,bob
allow jcr:namespaceManagement,jcr:nodeTypeDefinitionManagement
end
+
+ # Set repository level ACL (variant, see SLING-8619)
+ # since
+ # o.a.s.repoinit.parser 1.2.8 and
+ # o.a.s.jcr.repoinit 1.1.14
+ set ACL for alice,bob
+ allow jcr:namespaceManagement on :repository
+ end
+
+ # Set principal-based access control (see SLING-8602)
+ # since
+ # o.a.s.repoinit.parser 1.2.8 and
+ # o.a.s.jcr.repoinit 1.1.14
+ # precondition for o.a.s.jcr.repoinit:
+ # repository needs to support
'o.a.j.api.security.authorization.PrincipalAccessControlList'
+ set principal ACL for alice,bob
+ remove * on /libs,/apps
+ allow jcr:read on /content,/var
+ deny jcr:write on /content/example.com
+
+ # Optional nodetypes clause
+ deny jcr:lockManagement on /apps, /content nodetypes sling:Folder,
nt:unstructured
+
+ # nodetypes clause with restriction clause
+ deny jcr:modifyProperties on /apps, /content nodetypes sling:Folder,
nt:unstructured restriction(rep:itemNames,prop1,prop2)
+
+ # multi value restriction
+ allow jcr:addChildNodes on /apps
restriction(rep:ntNames,sling:Folder,nt:unstructured)
+
+ # multiple restrictions
+ allow jcr:modifyProperties on /apps
restriction(rep:ntNames,sling:Folder,nt:unstructured)
restriction(rep:itemNames,prop1,prop2)
+
+ # restrictions with glob patterns
+ allow jcr:addChildNodes on /apps,/content
restriction(rep:glob,/cat,/cat/,cat)
+ allow jcr:addChildNodes on /apps,/content
restriction(rep:glob,cat/,*,*cat)
+ allow jcr:addChildNodes on /apps,/content
restriction(rep:glob,/cat/*,*/cat,*cat/*)
+ allow jcr:read on / restriction(rep:glob)
+ end
+
+ # Set principal-based access control on repository level (see SLING-8602)
+ # since
+ # o.a.s.repoinit.parser 1.2.8 and
+ # o.a.s.jcr.repoinit 1.1.14
+ # precondition for o.a.s.jcr.repoinit:
+ # repository needs to support
'o.a.j.api.security.authorization.PrincipalAccessControlList'
+ set principal ACL for alice,bob
+ allow jcr:namespaceManagement on :repository
+ end
# register namespace requires
# o.a.s.repoinit.parser 1.0.4
@@ -285,7 +333,7 @@
</div><footer class="footer">
<div class="content has-text-centered is-small">
<div class="revisionInfo">
- Last modified by <span class="author">Bertrand
Delacretaz</span> on <span class="comment">Fri Jan 25 13:01:15 2019 +0100</span>
+ Last modified by <span class="author">Angela
Schreiber</span> on <span class="comment">Fri Sep 20 10:50:38 2019 +0200</span>
</div> <p>
Apache Sling, Sling, Apache, the Apache feather logo,
and the Apache Sling project logo are trademarks of The Apache Software
Foundation. All other marks mentioned may be trademarks or registered
trademarks of their respective owners.
</p><p>
