Thanks Carsten. Made since once I looked into the webconsole security provider. This also makes the process as simple as "install this bundle".
I'm also going to look into a combination of Eric and Bertrand's concepts to enable a test of the repoinit scripts. The key here (IMO) is that you have to be able to configure the version of the parser and repoinit library as support for various commands varies by version. Since we're promoting RepoInit as *the* way to set up a Sling repository, anything we can do from a tooling perspective to make it easier to develop significantly helps, especially those who are not as familiar with the RepoInit grammar. On Sat, Aug 7, 2021 at 4:21 AM Carsten Ziegeler <[email protected]> wrote: > > Am 06.08.2021 um 14:40 schrieb Bertrand Delacretaz: > > I was going to say that you should use the incoming request's identity > > instead of calling loginAdministrative [2] but I forgot if that's > > possible in a web console plugin. > > > > The current code causes a privilege escalation, which might be ok for > > a console plugin but that IMHO we should avoid if possible. > > > > Privilege escalation should really be avoided. Just for the record, a > webconsole plugin can use the current user / resource resolver - if > Sling's webconsole security provider is enabled. > > Regards > Carsten > > -- > Carsten Ziegeler > Adobe > [email protected] >
