[
https://issues.apache.org/jira/browse/SLING-10184?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17295270#comment-17295270
]
Angela Schreiber commented on SLING-10184:
------------------------------------------
[~karlpauls], since i already had the feature-analyzer-code open to check if
that would be doable, i created a first initial draft for the first 2
suggestions. not really familiar with the code, so it might be misplaced....
but something along that line might be useful to have.
> Spot problematic patters with RepoInit Analyzer
> -----------------------------------------------
>
> Key: SLING-10184
> URL: https://issues.apache.org/jira/browse/SLING-10184
> Project: Sling
> Issue Type: Improvement
> Components: Feature Model Analyser
> Reporter: Angela Schreiber
> Priority: Major
> Fix For: Feature Model Analyser 1.3.24
>
> Attachments: SLING-10184-initial-draft.patch
>
>
> [~karlpauls], as discussed i would like to suggest to add a bit of additional
> analysis to the repo-init checks in the feature model analyzer.
> the following features in repo-init should IMHO trigger a warning or fail the
> analyser:
> - regular user creation with password
> - ac-handling defined with access control setup that is present in the parser
> but luckily not implemented in the jcr-part (see SLING-6423)
> - resource-based access control setup with service users (maybe too AEM
> specific where principal-based-ac-setup should be used for service users)
> - minor: duplicate _set ACL for principalName_ statements for the same
> principal that could be merged into a single set-acl-...-end block
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
