This sounds like an interesting idea - what would it need in the resource resolver bundle to support this property?
Regards Carsten 2013/3/21 Mike Müller <[email protected]>: > Hi > > I'm coming up with a new thread concerning the use of the new > ResourceAccessSecurity service in implementations of ResourceProvider > which do not have uderlaying ACLs. > > My first thought was that each ResourceProvider without any ACLs should > implement some lightweight access security through the use of the > ResourceAccessSecurity service. The disadvantage of this approach is that > every resource provider has to implement the same calls. We do have the > implementation separated into the resourceaccesssecurity bundle but it's > nevertheless quite an effort for the resource providers to actually use this > service. > > To make this easier I propose that we insert a new service parameter for > ResourceProviders, called "applyResourceAccessSecurity" (or similar). > With this parameter set (which defaults to false) the calls to the > ResourceAccessSecurity are made automatically through the ResourceResolver > implementation. With this, it would be very easy for a resource provider > to use the ResourceAccessSecurity service. And it would be as easy as > setting a service parameter to implement it on FSResourceProvider, > BundleResourceProvider, MongoDBResourceProvider and future providers > without ACLs. > > WDYT? > > best regards > Mike -- Carsten Ziegeler [email protected]
