GitHub user code-distillery reopened a pull request:
https://github.com/apache/sling/pull/185
SLING-5135 - Whitelist legit usages of loginAdministrative and
administrative ResourceResolver
This pull request includes the following refactorings:
1. Replace `AbstractSlingRepositoryManager#getLoginAdminWhitelist()` with
`AbstractSlingRepositoryManager#allowLoginAdministrativeForBundle(Bundle)`.
This allows implementations of `AbstractSlingRepositoryManager` to implement
this method as they see fit. This decouples the `LoginAdminWhitelist` service
fro `AbstractSlingRepositoryManager`, in fact only `OakSlingRepositoryManager`
needs this dependency, as it uses it in its implementation.
2. Refactor `JcrProviderStateFactory` to use an `AbstractSlingRepository`
instance injected with the "usingBundle" (by means of a `ServiceFactory`) not
only for `loginService` but also for `loginAdministrative`. This allows
removing any reference to `LoginAdminWhitelist` and thus also the dependency
from `o.a.s.jcr.resource` to `o.a.s.jcr.base`.
3. Rename `LoginAdminWhitelist` configuration properties as suggested by
Oliver in SLING-5135
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/code-distillery/sling feature/SLING-5135
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/sling/pull/185.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #185
----
commit f21f053fa07f59866cbcc7155720653648c67296
Author: Julian Sedding <[email protected]>
Date: 2016-11-09T15:14:59Z
SLING-5135 - Whitelist legit usages of loginAdministrative and
administrative ResourceResolver
- refactor for minimal dependencies to LoginAdminWhitelist support
- cleanup imports and related tests
commit 20c65f90a7b9babffe20473ec3052d9810495b0a
Author: Julian Sedding <[email protected]>
Date: 2016-11-09T19:51:00Z
SLING-5135 - Whitelist legit usages of loginAdministrative and
administrative ResourceResolver
- avoid explicit check for LoginAdminWhitelist by using the same
mechanism for loginAdministrative and loginService to pass
the "usingBundle" to the AbstractSlingRepository2 instance
- the above allows to remove the dependency to o.a.s.jcr.base
from o.a.s.jcr.resource
commit ecb3ce1d68d40356eae0a928584b7bb6c7545d6c
Author: Julian Sedding <[email protected]>
Date: 2016-11-09T20:13:58Z
SLING-5135 - Whitelist legit usages of loginAdministrative and
administrative ResourceResolver
- rename configuration properties
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
