Eric Norman created SLING-11321:
-----------------------------------
Summary: The effective acl/ace json output should contain the
paths where the privileges were declared
Key: SLING-11321
URL: https://issues.apache.org/jira/browse/SLING-11321
Project: Sling
Issue Type: Improvement
Reporter: Eric Norman
Assignee: Eric Norman
Fix For: JCR Jackrabbit Access Manager 3.0.12
Use Case: For debugging purposes, or if you want a UI view of the effective ACE
or ACL to be able to draw links to where the privileges were defined.
It would be useful for the effective acl and effective ace json to include a
"declaredAt" structure for each principal that has the all paths where an
applicable ACE was defined.
Expected something like this for node based ACE definitions:
{noformat}
{
"principal": "everyone",
"privileges": {
"jcr:read": {
"allow": true
},
"jcr:readAccessControl": {
"allow": true
}
},
"declaredAt": {
"node": [
"/content",
"/content/pages"
]
}
}{noformat}
Where declaredAt/node contains the paths for any entries defined on a node.
Or something like this for principal based ACE definitions:
{noformat}
{
"principal":"sling-readall",
"privileges":{
"jcr:read":{
"allow":true
},
"jcr:readAccessControl":{
"allow":true
}
},
"declaredAt":{
"principal":[
"/content/pages",
"/"
]
}
}{noformat}
Where declaredAt/principal contains the paths for any principalbased access
controlĀ
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
