You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Konrad Windszus (Jira)" <ji...@apache.org> on 2021/08/27 10:21:00 UTC
[jira] [Comment Edited] (SLING-10760) Converter ignores access
control content in .content.xml files
[ https://issues.apache.org/jira/browse/SLING-10760?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17405728#comment-17405728 ]
Konrad Windszus edited comment on SLING-10760 at 8/27/21, 10:20 AM:
--------------------------------------------------------------------
[~angela] With which version of FileVault have you tested importing that package (AEM uses a pretty outdated one)? Everything not covered by the filter.xml should not be installed! The only edge case is nodes represented by empty elements (http://jackrabbit.apache.org/filevault/docview.html#Empty_Elements) in enhanced docview which will not be removed, but this is not really related to the filter.xml question.
There is currently a bug related to authorization nodes (JCRVLT-522) which are applied independent if they are contained in the filter rules. Not sure we can ever fix this, as a lot of packages probably now rely on this bug!
was (Author: kwin):
[~angela] With which version of FileVault have you tested importing that package (AEM uses a pretty outdated one)? Everything not covered by the filter.xml should not be installed! The only edge case is nodes represented by empty elements (http://jackrabbit.apache.org/filevault/docview.html#Empty_Elements) in enhanced docview which will not be removed, but this is not really related to the filter.xml question.
> Converter ignores access control content in .content.xml files
> --------------------------------------------------------------
>
> Key: SLING-10760
> URL: https://issues.apache.org/jira/browse/SLING-10760
> Project: Sling
> Issue Type: Bug
> Components: Content-Package to Feature Model Converter
> Reporter: Angela Schreiber
> Priority: Major
> Attachments: subtree_in_contentxml_policy.png, subtree_in_contentxml_sibling.png
>
>
> [~kpauls], while trying to find more edge cases that could cause SLING-10754, i noticed that not only sibling nodes but also access control content (like e.g. _rep:policy_ nodes) contained in a _.content.xml_ get installed by Jackrabbit Filevault even if those nodes are not covered by the corresponding {{WorkspaceFilter}}.
> It also seems that these package 'entries' are not spotted by the converter and thus the dedicated {{EntryHandler}} implementations that are intended to analyze and convert special content like e.g. access control (but probably not limited to that) are not triggered.
> In other words: content hidden in _.content.xml_ will not be properly converted but will be installed even if not covered by _filter.xml_ associated with the content package. I don't know if that actually intended behavior of Jackrabbit FileVault (the documentation clearly stating that everything should be covered by filter rules [0], section 'Usage for Import/Installation'), but if it is correct it might in the worse case require the converter to parse all _.content.xml_ files and delegate to the proper handler implementations.
> [~kwin], I would appreciate your input on the FileVault related question of this ticket. In particular: is it correct and intended that subnodes defined in _.content.xml_ get installed even if not covered by any filter rule?
> [0] https://jackrabbit.apache.org/filevault/filter.html
--
This message was sent by Atlassian Jira
(v8.3.4#803005)