[
https://issues.apache.org/jira/browse/SLING-3435?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13922415#comment-13922415
]
Marius Petria edited comment on SLING-3435 at 3/6/14 12:21 PM:
---------------------------------------------------------------
Hi,
I have put some unit tests to illustrate the implementation and removed the
ModifiableResourceAccessGateFactory.
The only thing to note is that updates are done via a resource, and in general
for updates to work for a resource one needs to have also the READ access. I
could not find a way to let updates work if one does not have the READ
permission.
was (Author: mpetria):
Hi,
I have put some unit tests to illustrate the implementation and removed the
ModifiableResourceAccessGateFactory.
The only thing to note is that updates are done via a Resource, and in general
for updates to work for a resource one needs to have also the READ access.
> ResourceAccessSecurity does not secure access for update operations
> -------------------------------------------------------------------
>
> Key: SLING-3435
> URL: https://issues.apache.org/jira/browse/SLING-3435
> Project: Sling
> Issue Type: New Feature
> Components: ResourceResolver
> Reporter: Marius Petria
> Assignee: Mike Müller
> Attachments: SLING-3435.1.patch, SLING-3435.patch
>
>
> ResourceAccessSecurity should use gates registered for update operations in
> order to secure access to modifiable value maps.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
