[jira] [Commented] (OAK-6461) Merge all security related validators into a single hook

Tue, 18 Jul 2017 02:07:16 -0700 

    [ 
https://issues.apache.org/jira/browse/OAK-6461?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16091321#comment-16091321
 ] 

angela commented on OAK-6461:
-----------------------------

[~stillalex], in general that looks good to me. the only thing that i would 
like to mention: the composite-configurations have a ranking, which (in 
particular for permission evaluation) is relevant for performance.... so the 
order within the composite-configurations should be maintained, would that be 
the case with your patch?

> Merge all security related validators into a single hook
> --------------------------------------------------------
>
>                 Key: OAK-6461
>                 URL: https://issues.apache.org/jira/browse/OAK-6461
>             Project: Jackrabbit Oak
>          Issue Type: Improvement
>          Components: core, security
>            Reporter: Alex Deparvu
>            Assignee: Alex Deparvu
>         Attachments: OAK-6461.patch
>
>
> I'd like to see if it's feasible to merge all security related validators 
> into a single hook, instead of a hook per _SecurityConfiguration_.
> Pros
> * all validators will be merged into a single hook, meaning processing will 
> happen via a single diff over the content
> Cons
> * order of hooks will change, there will be commit hooks first, all 
> aggregated validators next and post validation hooks last. I don't think 
> there's any issue with validation itself as all data added by the hooks will 
> be visible to the composite validator.
> This is how the chaining looks like in the current setup:
> {noformat}
>     EditorHook : 
>         (TokenValidatorProvider),
>     VersionablePathHook, 
>     EditorHook : 
>         (CompositeEditorProvider : ([
>             PermissionStoreValidatorProvider, 
>             PermissionValidatorProvider, 
>             AccessControlValidatorProvider])), 
>     EditorHook : 
>         (PrivilegeValidatorProvider), 
>     EditorHook : 
>         (CompositeEditorProvider : ([
>             UserValidatorProvider,
>             CacheValidatorProvider])),
>     PermissionHook, 
>     JcrAllCommitHook
> {noformat}
> If we merged them, this is the result:
> {noformat}
>     VersionablePathHook, 
>     EditorHook : 
>         (CompositeEditorProvider : ([
>             PermissionStoreValidatorProvider,
>             PermissionValidatorProvider,
>             AccessControlValidatorProvider, 
>             UserValidatorProvider,
>             CacheValidatorProvider, 
>             PrivilegeValidatorProvider,
>             TokenValidatorProvider])),
>     PermissionHook, 
>     JcrAllCommitHook
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to