You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Bertrand Delacretaz (JIRA)" <ji...@apache.org> on 2016/01/06 09:38:39 UTC

[jira] [Reopened] (SLING-5355) Create service users and ACLs from the provisioning model

     [ https://issues.apache.org/jira/browse/SLING-5355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Bertrand Delacretaz reopened SLING-5355:
----------------------------------------

> Create service users and ACLs from the provisioning model
> ---------------------------------------------------------
>
>                 Key: SLING-5355
>                 URL: https://issues.apache.org/jira/browse/SLING-5355
>             Project: Sling
>          Issue Type: New Feature
>          Components: Service User Mapper
>            Reporter: Bertrand Delacretaz
>            Assignee: Bertrand Delacretaz
>
> As discussed in the "Removing loginAdministrative, how to test that, and service username conventions" thread on our dev list [1] we need to be able to create service users and set the corresponding ACLs from our provisioning model.
> This should be implemented using distinct utility classes, one for the users and one for the ACLs, that take simple mini-languages as input. This will allow for reusing these utilities in test code for example.
> I have made a suggestion for those mini languages in that thread, will copy them here once we agree.
> [1] http://markmail.org/message/kcvuhwfdald2dyuz
> *Edit: additional contraints*
> * AC1: Waiting for content paths: not all ACLs can be applied immediately when the SlingRepository service starts: for this we'd need to create paths that don't exist yet, and the nodetypes of those paths might not have been defined yet, as any bundle can supply additional node types. This means waiting for the path creation to succeed before proceeding, so we might as well wait for the paths to be created by content installations
> * AC2: The mechanism must work for any launchers, not just the Sling Launchpad - so it cannot be just a build-time thing.
> * AC3: The full text of the ACL definitions must be available at runtime. This allows for example checking later that a Sling instance is still configured according to those ACL definitions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)