[
https://issues.apache.org/jira/browse/OAK-6461?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16092680#comment-16092680
]
Alex Deparvu commented on OAK-6461:
-----------------------------------
[~anchela] thanks for the review!
bq. so the order within the composite-configurations should be maintained
yes, the order is stable relative to the order of the iteration over the
configurations, BUT it doesn't look like the ranking is respected on the
iteration side [0]: {{getConfigurations}} builds a {{HashSet}} which does not
offer a stable iteration order (I have actually seen this in my tests), or
maybe I'm not looking at the right thing?
[0]
https://github.com/apache/jackrabbit-oak/blob/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java#L134
> Merge all security related validators into a single hook
> --------------------------------------------------------
>
> Key: OAK-6461
> URL: https://issues.apache.org/jira/browse/OAK-6461
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: core, security
> Reporter: Alex Deparvu
> Assignee: Alex Deparvu
> Attachments: OAK-6461.patch
>
>
> I'd like to see if it's feasible to merge all security related validators
> into a single hook, instead of a hook per _SecurityConfiguration_.
> Pros
> * all validators will be merged into a single hook, meaning processing will
> happen via a single diff over the content
> Cons
> * order of hooks will change, there will be commit hooks first, all
> aggregated validators next and post validation hooks last. I don't think
> there's any issue with validation itself as all data added by the hooks will
> be visible to the composite validator.
> This is how the chaining looks like in the current setup:
> {noformat}
> EditorHook :
> (TokenValidatorProvider),
> VersionablePathHook,
> EditorHook :
> (CompositeEditorProvider : ([
> PermissionStoreValidatorProvider,
> PermissionValidatorProvider,
> AccessControlValidatorProvider])),
> EditorHook :
> (PrivilegeValidatorProvider),
> EditorHook :
> (CompositeEditorProvider : ([
> UserValidatorProvider,
> CacheValidatorProvider])),
> PermissionHook,
> JcrAllCommitHook
> {noformat}
> If we merged them, this is the result:
> {noformat}
> VersionablePathHook,
> EditorHook :
> (CompositeEditorProvider : ([
> PermissionStoreValidatorProvider,
> PermissionValidatorProvider,
> AccessControlValidatorProvider,
> UserValidatorProvider,
> CacheValidatorProvider,
> PrivilegeValidatorProvider,
> TokenValidatorProvider])),
> PermissionHook,
> JcrAllCommitHook
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
