[
https://issues.apache.org/jira/browse/SLING-1555?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Justin Edelson updated SLING-1555:
----------------------------------
Component/s: (was: API)
JCR
> UserManager permissions manipulation services API
> -------------------------------------------------
>
> Key: SLING-1555
> URL: https://issues.apache.org/jira/browse/SLING-1555
> Project: Sling
> Issue Type: Improvement
> Components: JCR
> Affects Versions: JCR Jackrabbit User Manager 2.1.0
> Reporter: Fabrizio Scarcello
> Assignee: Eric Norman
> Labels: api, programmatically, service, usermanager
> Fix For: JCR Jackrabbit User Manager 2.1.2
>
>
> It would be nice if the jackrabbit.usermanager bundle exposed OSGI service(s)
> that maps exactly the functionalities of the REST services, so that one can
> use their features also in a programmatic way.
> This can be useful if an application has to manage users and groups without
> having an explicit request object (ex: from an EventListener), or in the case
> a user has to manipulate his account (in this case he doesn't have an
> administrative account, so his requests are not permitted to modify users).
> Also i think that, in certain situations, it could be just cleaner and
> simpler to write a servlet or script that directly invoke the methods,
> instead of find the way to invoke the REST services.
> I think a simple but exaustive way to achieve this can be the direct mapping
> of the REST services described in
> http://sling.apache.org/site/managing-users-and-groups-jackrabbitusermanager.html
> and
> http://sling.apache.org/site/managing-permissions-jackrabbitaccessmanager.html,
> only using well-known JCR classes.
> For example, obtaining the users list could be as simple as getting the
> UserManager OSGI service and invoking a method like "public NodeIterator
> listUsers()", changing a permission could be achieved by getting the
> AccessManager OSGI service and invoking a method like "public void
> modifyPermission(String node_path, String principalId, String privilege_name,
> String privilege_value, String order)", and so on...
> Perhaps the best way to standardize these services is a dedicated API that
> formalizes the underlying concepts (ex: User, Group, Privilege and
> NodeAccessControl... if you think it's the case, i could propose my own...),
> but i think the simple REST services mapping could already be a nice (and
> ready-to-go) feature for developers...
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
