Angela Schreiber created SLING-10467:
----------------------------------------
Summary: Converted content package misses .content.xml files
Key: SLING-10467
URL: https://issues.apache.org/jira/browse/SLING-10467
Project: Sling
Issue Type: Bug
Components: Content-Package to Feature Model Converter
Reporter: Angela Schreiber
[~kpauls], in the light of the _enforce-principal-based-supported-path_
configuration option i had a look at the converted content packages, which
probably need to be used instead of the original packages if the modifications
applied by converted are not to be reverted by later installing the original
content package.
i therefore created a simple test content package _demo-cp.zip_ that contains:
- a regular user in 'demo-cp' subfolder
- a regular group in 'demo-cp' subfolder
- a bunch of service users both with resource-based and principal-based ac
setup
- content root at /demo-cp with a ac-policy (entries for user, group and
service user)
- a serviceusermapping configuration below /apps/demo-cp
and had the converter generate _demo-cp-0.0.0-cp2fm-converted.zip_
when trying to install the converted content package on a repository that
content for service users and below /apps installed, i noticed that the
converted package will actually remove that content.
i suspect that this is caused by _META_INF/vault/filter.xml_ and/or
_META-INF/vault/definition/content.xml_ still referring to those parts that got
'moved' to repo-init. in case of the dependency/.content.xml it states that the
import mode is _replace_ (same as in original package).
maybe my test package is not correct.... but I would have expected that the
paths that have been installed by repo-init statements should no longer be
covered by the converted package (everything below /apps and
/home/users/system) or/and should have the import-mode changed to the
deprecated -MERGE- or new MERGE_PROPERTIES. the latter would be needed for any
kind of resource-based AC setup for service users at mutable content nodes
(NOTE: doesn't apply in case ac-setup for service users is migrated to
principal-based authorization which entirely resides below the service user
home).
edge case: if regular users were to be located below _/home/users/system_
excluding that path from the package definition obviously doesn't work....
changing import mode would be required. alternatively: spotting regular users
below _home/users/system_ and abort converter.
wdyt?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
