[
https://issues.apache.org/jira/browse/SLING-8561?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16878613#comment-16878613
]
Dominik Süß commented on SLING-8561:
------------------------------------
Context information - the ACLs being dropped are most likely in due to the
process how the packages were created - these ACLs were implicitly created with
users and then exported into a package. Due to this pattern being used for user
and service user creation for a while we expect the same pattern to be
reappearing while not having any functional meaning (no use case were a service
user would need to have access on the own node).
> ACLs on service users should be ignored because of randomised node names
> ------------------------------------------------------------------------
>
> Key: SLING-8561
> URL: https://issues.apache.org/jira/browse/SLING-8561
> Project: Sling
> Issue Type: Bug
> Components: Content-Package to Feature Model Converter
> Reporter: Christophe Jelger
> Assignee: Simone Tripodi
> Priority: Blocker
>
> The creation of service users via reponit creates randomised node names, for
> example, something like
> {code:java}
> /home/users/system/communities/7w6ebrYBWEGY5r5cHQ-E
> [social-enablement-replication-user]
> {code}
> This means than ACLs cannot be set later on that node name if the content
> package tries to set some ACLs on
> {code:java}
> /home/users/system/communities/social-enablement-replication-user
> {code}
> This means that we should currently ignore ACLs for service users, that is,
> nodes with primary type {{rep:SystemUser}} like.
> Which means in the repoinit section, the following 2 lines should for example
> be removed:
> {code:java}
> create path (sling:Folder)
> /home/users/system/communities/social-enablement-replication-user
> allow jcr:all on
> /home/users/system/communities/social-enablement-replication-user
> {code}
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
