You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Eric Norman (Jira)" <ji...@apache.org> on 2022/05/20 17:30:00 UTC
[jira] [Resolved] (SLING-11321) The effective acl/ace json output should contain the paths where the privileges were declared
[ https://issues.apache.org/jira/browse/SLING-11321?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Eric Norman resolved SLING-11321.
---------------------------------
Resolution: Fixed
Merged PR at: [{{302c1de}}|https://github.com/apache/sling-org-apache-sling-jcr-jackrabbit-accessmanager/commit/302c1def09d37b9c94d5081e0ba4cc80715742ea]
> The effective acl/ace json output should contain the paths where the privileges were declared
> ---------------------------------------------------------------------------------------------
>
> Key: SLING-11321
> URL: https://issues.apache.org/jira/browse/SLING-11321
> Project: Sling
> Issue Type: Improvement
> Reporter: Eric Norman
> Assignee: Eric Norman
> Priority: Minor
> Fix For: JCR Jackrabbit Access Manager 3.1.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> Use Case: For debugging purposes, or if you want a UI view of the effective ACE or ACL to be able to draw links to where the privileges were defined.
> It would be useful for the effective acl and effective ace json to include a "declaredAt" structure for each principal that has the all paths where an applicable ACE was defined.
> Expected something like this for node based ACE definitions:
> {noformat}
> {
> "principal": "everyone",
> "privileges": {
> "jcr:read": {
> "allow": true
> },
> "jcr:readAccessControl": {
> "allow": true
> }
> },
> "declaredAt": {
> "node": [
> "/content",
> "/content/pages"
> ]
> }
> }{noformat}
> Where declaredAt/node contains the paths for any entries defined on a node.
> Or something like this for principal based ACE definitions:
> {noformat}
> {
> "principal":"sling-readall",
> "privileges":{
> "jcr:read":{
> "allow":true
> },
> "jcr:readAccessControl":{
> "allow":true
> }
> },
> "declaredAt":{
> "principal":[
> "/content/pages",
> "/"
> ]
> }
> }{noformat}
> Where declaredAt/principal contains the paths for any principalbased access control
--
This message was sent by Atlassian Jira
(v8.20.7#820007)