Hi, I don't understand what makes grepping for SlingAdminSession easier than grepping for loginAdministrative?
Carsten Bertrand Delacretaz wrote > Hi, > > This is about SLING-5135, do people have ideas for identifying which > usages of loginAdministrative are acceptable? > > I'll need this for SLING-5355 for example, which creates users and > sets access control. > > IMO the proper way to keep track of this is to keep the explanation > why the programmer thinks it's ok to use loginAdministrative in the > code, next to the "get admin session" call. > > Here's a suggested pattern that forces the caller to use a specific > wrapper class to get an admin session: > > // This code needs an admin session, for a valid reason > // which is spelled out in the SlingAdminSession constructor > Session s = new SlingAdminSession(repository, "setting access > control at Sling startup").getSession(); > > And we modify the existing loginAdministrative method to fail (when > isDisableLoginAdministrative is true) unless it is called from > SlingAdminSession, detected using > Thread.currentThread().getStackTrace(). > > This allows for removing all loginAdministrative calls from our code, > and easily checking that with grep. > And also auditing with grep where "new style" admin sessions are used. > > We can then use a similar pattern for > ResourceResolverFactory.getAdministrativeResourceResolver(), if we are > still using this deprecated method. > > WDYT? > > -Bertrand > -- Carsten Ziegeler Adobe Research Switzerland [email protected]
