You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Tomek Rękawek (JIRA)" <ji...@apache.org> on 2019/03/12 13:04:00 UTC
[jira] [Commented] (OAK-8124) Sidegrade operation doesn't run
security-related commit hooks
[ https://issues.apache.org/jira/browse/OAK-8124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16790522#comment-16790522 ]
Tomek Rękawek commented on OAK-8124:
------------------------------------
[~anchela] - I'd appreciate some feedback on the following:
The oak-upgrade code responsible for the Oak->Oak migration was missing the security-related commit hooks, which I plan to add in [^OAK-8124.patch]. It requires providing the security configuration. For now I created a minimal, default configuration that can be also overridden by providing a properties file. However, it only takes care of the UserConfiguration, which seems to be enough for the original issue (missing permissionStore entries), but maybe there are other configurations parts that we should include as well. The oak-upgrade doesn't use authorization or authentication, it only copies content on the node-store level.
Is there some standard way to create the complete security configuration outside the OSGi (eg. as an XML)?
> Sidegrade operation doesn't run security-related commit hooks
> -------------------------------------------------------------
>
> Key: OAK-8124
> URL: https://issues.apache.org/jira/browse/OAK-8124
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: upgrade
> Reporter: Tomek Rękawek
> Assignee: Tomek Rękawek
> Priority: Major
> Fix For: 1.11.0
>
> Attachments: OAK-8124.patch
>
>
> It seems that for the partial Oak->Oak migrations (the ones with --include or --exclude-paths), the ACLs are not processed correctly. The security-related commit hooks are not included in the merge() operation and as a result, the permission store is not populated.
> We need to run the appropriate commit hooks in the sidegrade operation.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)