+1B would be my slight preference. NOTE: that I have also opened FELIX-6390 to ask for changes suggested by Julian that would make that solution cover more scenarios.
Unfortunately, we haven't gotten much closer to any consensus as the only people who have voted are the people who have already discussed the same in the jira ticket. I'll give it a bit more time for more voices. Is there anyone else who would like to express a preference or objection? -Eric On Wed, Feb 24, 2021 at 1:00 PM Eric Norman <[email protected]> wrote: > RE: SLING-10147 <https://issues.apache.org/jira/browse/SLING-10147> - > scripting > variables implementation details are exposed to not authorized users > > The comments from the issue have revealed different opinions on the best > way to solve this. You may review the comments in jira for the details. > > I have prepared 2 pull requests with an attempt at a solution for the 2 > different approaches for your consideration: > > A. PR #5 > <https://github.com/apache/sling-org-apache-sling-scripting-core/pull/5> - > works with or without WebConsoleSecurityProvider2 service existing, but is > a more complex implementation with more code. > > B. PR #7 > <https://github.com/apache/sling-org-apache-sling-scripting-core/pull/7> - > requires > WebConsoleSecurityProvider2 service to exist but is a > simpler implementation with less code. > > > Please vote to express your preference: > > [ ] +1A Approve the solution from PR #5 > [ ] +1B Approve the solution from PR #7 > [ ] 0 Don't care > [ ] -1 Neither solution, because ... > > This majority vote is open for at least 72 hours. > > Regards, > Eric Norman >
