[
https://issues.apache.org/jira/browse/SLING-9692?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17230471#comment-17230471
]
Angela Schreiber edited comment on SLING-9692 at 11/12/20, 9:17 AM:
--------------------------------------------------------------------
[~rombert], [~dsuess], IMHO the issue should be 2-fold:
- if content packages contain principal-based access control policies the
converter should recognize them and generate the correct repoinit statements:
i.e. policy nodes that have primary type {{rep:PrincipalPolicy}} should be
converted to repo-init statement {{set principal ACL for principalName [...]}}.
note that Jackrabbit fVault has been adjusted to support principal-based
policies in content packages, so those might actually show up.
- second there should be an option to convert resource-based access control
setup for service users as defined in the content packages to principal-based
access control setup in repo-init:
** make sure service users are created below the supported location
** generate principal-based access control statements instead of
resource-based ac
** note: in contrast to resource-based access control the target nodes where
the entries will take effect are not required to exist at the time the ac setup
is defined.
was (Author: anchela):
[~rombert], [~dsuess], IMHO the issue should be 2-folded:
- if content packages contain principal-based access control policies the
converter should recognize them and generate the correct repoinit statements:
i.e. policy nodes that have primary type {{rep:PrincipalPolicy}} should be
converted to repo-init statement {{set principal ACL for principalName [...]}}.
note that Jackrabbit fVault has been adjusted to support principal-based
policies in content packages, so those might actually show up.
- second there should be an option to convert resource-based access control
setup for service users as defined in the content packages to principal-based
access control setup in repo-init:
** make sure service users are created below the supported location
** generate principal-based access control statements instead of
resource-based ac
** note: in contrast to resource-based access control the target nodes where
the entries will take effect are not required to exist at the time the ac setup
is defined.
> Add support for principal-based access control entries
> ------------------------------------------------------
>
> Key: SLING-9692
> URL: https://issues.apache.org/jira/browse/SLING-9692
> Project: Sling
> Issue Type: Improvement
> Components: Content-Package to Feature Model Converter
> Reporter: Robert Munteanu
> Priority: Major
> Fix For: Content-Package to Feature Model Converter 1.1.2
>
>
> When passed a content package that contains principal-based access control
> entries, the converter ignores them. It should instead generate the proper
> repoinit statements.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
