You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by GitBox <gi...@apache.org> on 2022/05/18 17:30:01 UTC

[GitHub] [sling-org-apache-sling-jcr-jackrabbit-accessmanager] enapps-enorman opened a new pull request, #10: SLING-11243 Redundant privileges contained in ACE

enapps-enorman opened a new pull request, #10:
URL: https://github.com/apache/sling-org-apache-sling-jcr-jackrabbit-accessmanager/pull/10

   Redundant privileges may be contained in ACE when setting restriction details for a privilege that is part of an already allowed aggregate
   
   Use case: Posting a modifyAce request with fields like this:
   - privilege@jcr:all=allow
   - restriction@jcr:removeNode@rep:itemNames@Allow=item1
   
   Before this fix the ACE output contained some redundant privileges that are already covered by jcr:all like this:
   `{
     "principal":"everyone",
     "privileges":{
       "jcr:addChildNodes":{
         "allow":true
       },
       "jcr:removeNode":{
         "allow":{
           "rep:itemNames":[
             "item1"
           ]
         }
       },
       "jcr:removeChildNodes":{
         "allow":true
       },
       "jcr:all":{
         "allow":true
       },
       "jcr:modifyProperties":{
         "allow":true
       }
     }
   }`
   
   After the fix, the redundant privileges are not there like this:
   `{
     "principal":"everyone",
     "privileges":{
       "jcr:removeNode":{
         "allow":{
           "rep:itemNames":[
             "item1"
           ]
         }
       },
       "jcr:all":{
         "allow":true
       }
     }
   }`


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@sling.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [sling-org-apache-sling-jcr-jackrabbit-accessmanager] sonarcloud[bot] commented on pull request #10: SLING-11243 Redundant privileges contained in ACE

Posted by GitBox <gi...@apache.org>.

sonarcloud[bot] commented on PR #10:
URL: https://github.com/apache/sling-org-apache-sling-jcr-jackrabbit-accessmanager/pull/10#issuecomment-1130318358

   Kudos, SonarCloud Quality Gate passed!&nbsp; &nbsp; [![Quality Gate passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png 'Quality Gate passed')](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10)
   
   [![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png 'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&resolved=false&types=BUG) [![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png 'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&resolved=false&types=BUG)  
   [![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png 'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&resolved=false&types=VULNERABILITY) [![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png 'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&resolved=false&types=VULNERABILITY)  
   [![Security Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png 'Security Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&resolved=false&types=SECURITY_HOTSPOT) [![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png 'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&resolved=false&types=SECURITY_HOTSPOT)  
   [![Code Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png 'Code Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&resolved=false&types=CODE_SMELL) [![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png 'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&resolved=false&types=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&resolved=false&types=CODE_SMELL)
   
   [![83.3%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png '83.3%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&metric=new_coverage&view=list) [83.3% Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&metric=new_coverage&view=list)  
   [![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png '0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=10&metric=new_duplicated_lines_density&view=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@sling.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [sling-org-apache-sling-jcr-jackrabbit-accessmanager] enapps-enorman merged pull request #10: SLING-11243 Redundant privileges contained in ACE

Posted by GitBox <gi...@apache.org>.

enapps-enorman merged PR #10:
URL: https://github.com/apache/sling-org-apache-sling-jcr-jackrabbit-accessmanager/pull/10


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@sling.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org