[
https://issues.apache.org/jira/browse/SLING-10760?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17405728#comment-17405728
]
Konrad Windszus edited comment on SLING-10760 at 8/27/21, 10:20 AM:
--------------------------------------------------------------------
[~angela] With which version of FileVault have you tested importing that
package (AEM uses a pretty outdated one)? Everything not covered by the
filter.xml should not be installed! The only edge case is nodes represented by
empty elements
(http://jackrabbit.apache.org/filevault/docview.html#Empty_Elements) in
enhanced docview which will not be removed, but this is not really related to
the filter.xml question.
There is currently a bug related to authorization nodes (JCRVLT-522) which are
applied independent if they are contained in the filter rules. Not sure we can
ever fix this, as a lot of packages probably now rely on this bug!
was (Author: kwin):
[~angela] With which version of FileVault have you tested importing that
package (AEM uses a pretty outdated one)? Everything not covered by the
filter.xml should not be installed! The only edge case is nodes represented by
empty elements
(http://jackrabbit.apache.org/filevault/docview.html#Empty_Elements) in
enhanced docview which will not be removed, but this is not really related to
the filter.xml question.
> Converter ignores access control content in .content.xml files
> --------------------------------------------------------------
>
> Key: SLING-10760
> URL: https://issues.apache.org/jira/browse/SLING-10760
> Project: Sling
> Issue Type: Bug
> Components: Content-Package to Feature Model Converter
> Reporter: Angela Schreiber
> Priority: Major
> Attachments: subtree_in_contentxml_policy.png,
> subtree_in_contentxml_sibling.png
>
>
> [~kpauls], while trying to find more edge cases that could cause SLING-10754,
> i noticed that not only sibling nodes but also access control content (like
> e.g. _rep:policy_ nodes) contained in a _.content.xml_ get installed by
> Jackrabbit Filevault even if those nodes are not covered by the corresponding
> {{WorkspaceFilter}}.
> It also seems that these package 'entries' are not spotted by the converter
> and thus the dedicated {{EntryHandler}} implementations that are intended to
> analyze and convert special content like e.g. access control (but probably
> not limited to that) are not triggered.
> In other words: content hidden in _.content.xml_ will not be properly
> converted but will be installed even if not covered by _filter.xml_
> associated with the content package. I don't know if that actually intended
> behavior of Jackrabbit FileVault (the documentation clearly stating that
> everything should be covered by filter rules [0], section 'Usage for
> Import/Installation'), but if it is correct it might in the worse case
> require the converter to parse all _.content.xml_ files and delegate to the
> proper handler implementations.
> [~kwin], I would appreciate your input on the FileVault related question of
> this ticket. In particular: is it correct and intended that subnodes defined
> in _.content.xml_ get installed even if not covered by any filter rule?
> [0] https://jackrabbit.apache.org/filevault/filter.html
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
