[jira] [Commented] (SLING-10281) Revert changes from SLING-9449

Tue, 20 Apr 2021 06:33:07 -0700 


    [ 
https://issues.apache.org/jira/browse/SLING-10281?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17325797#comment-17325797
 ] 

Bertrand Delacretaz commented on SLING-10281:
---------------------------------------------

I mostly looked at the tests and it's not clear to me what "outside of 
supported tree" means in code like this example:

{code:java}
 // create service user outside of supported tree for principal-based access 
control
U.parseAndExecute("create service user otherSystemPrincipal");

// setting up principal-acl will not succeed (principal not located below 
supported path)
String setup = "set principal ACL for otherSystemPrincipal \n"
  + "allow jcr:read on /non/existing/path\n"
  + "end";
 {code}

I think we need a clear explanation of that in the [repoinit 
docs|https://sling.apache.org/documentation/bundles/repository-initialization.html],
 pointing to the relevant Oak docs if that explanation is there. And a link to 
that in those tests for clarity. Happy to help write that explanation if needed 
as I have no clue so far so I'm a good guinea pig for the explanation.

Also, is there a test that clearly demonstrates the different behavior between 
SLING-9449 and this? Reverting the SLING-9449 changes might break some users 
repoinit scripts so we should make the difference obvious, and maybe mention 
SLING-9449 in the tests comments.

> Revert changes from SLING-9449
> ------------------------------
>
>                 Key: SLING-10281
>                 URL: https://issues.apache.org/jira/browse/SLING-10281
>             Project: Sling
>          Issue Type: Bug
>          Components: Repoinit
>    Affects Versions: Repoinit JCR 1.1.34
>            Reporter: Konrad Windszus
>            Assignee: Konrad Windszus
>            Priority: Major
>             Fix For: Repoinit JCR 1.1.36
>
>          Time Spent: 4h 40m
>  Remaining Estimate: 0h
>
> As highlighted in the last comment of SLING-9449, repoinit should use 
> exceptions when some statements cannot be applied (as that leads to an 
> undesired repository state). In the worst case it could lead to privilege 
> escalation



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to