[
https://issues.apache.org/jira/browse/SLING-3435?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13923708#comment-13923708
]
Mike Müller commented on SLING-3435:
------------------------------------
Unfortunately there are no integration tests existing by now. We should have
tests for ResourceAccessSecurity with more than one registered
ResourceAccessGate and different users which try to access resurces. Only with
such a test we really could cover the functionality (and assure the correctness
of the implementation while we extend it). Maybe serverside tests will meet
these requirements. But it may be easer to setup a "full" integration test with
access over http.
> ResourceAccessSecurity does not secure access for update operations
> -------------------------------------------------------------------
>
> Key: SLING-3435
> URL: https://issues.apache.org/jira/browse/SLING-3435
> Project: Sling
> Issue Type: New Feature
> Components: ResourceResolver
> Reporter: Marius Petria
> Assignee: Mike Müller
> Attachments: SLING-3435.1.patch, SLING-3435.patch
>
>
> ResourceAccessSecurity should use gates registered for update operations in
> order to secure access to modifiable value maps.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
