You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by Nicolas Peltier <np...@apache.org> on 2020/08/06 14:00:03 UTC
[security] new use case for a checkPermission API
Hey,
discussing around pipes [0], we agreed that we would need to check that
current resolver has certain privileges in addition to what it already
"sees" as a resolver (either direct check on the authorizable, either
indirect against configured resources). Bertrand chimed in pointing out to
old discussions about it [1] & [2] , and suggestion to create new
module/api.
If i read the thread correctly, some people are opposed to it, but we have
if i count correctly at least 2 legit usages of this (clam & pipes), which
is enough for legitimizing an API, right?
wdyt?
Nicolas
[0] https://issues.apache.org/jira/browse/SLING-9556
[1]
https://lists.apache.org/thread.html/e949e6328729e493ec0028642173228933ebf6d9b322da5aa0dd64d3%40%3Cdev.sling.apache.org%3E
[2]
https://lists.apache.org/thread.html/72475f31d9dda5128528d67f491468b081c958e9c3b93924de633c3e%40%3Cdev.sling.apache.org%3E
Re: [security] new use case for a checkPermission API
Posted by Nicolas Peltier <pe...@gmail.com>.
here you are [3], it is not merged in as it still break some unit tests
right now
[3]
https://github.com/npeltier/sling-org-apache-sling-pipes/commit/72d0c2bed3d7a7e31de6e4d6a90b815837ab0009#diff-3e9bcd2a44e6dc255a6d8c3cc17adddaR164-R171
Le ven. 7 août 2020 à 10:50, Nicolas Peltier <pe...@gmail.com> a
écrit :
> i was planning to make the API internal for 4.0, and use the outside one
> later, so no change to the API surface.
>
> Le ven. 7 août 2020 à 10:41, Oliver Lietz <ap...@oliverlietz.de> a
> écrit :
>
>> On Friday, August 7, 2020 9:15:10 AM CEST Bertrand Delacretaz wrote:
>> > On Fri, Aug 7, 2020 at 9:14 AM Nicolas Peltier
>> >
>> > <np...@adobe.com.invalid> wrote:
>> > > ...Assuming we are good to go, should I use an internal API for now in
>> > > pipes, and we discuss around moving it to a bundle later?...
>> >
>> > I think that's a good starting point.
>>
>> Nicolas, are you in hurry to get Pipes 4.0 out soon? I guess adding and
>> switching the check requires (again) a major version.
>>
>> Regards,
>> O.
>>
>>
>> > -Bertrand
>>
>>
>>
>>
>>
Re: [security] new use case for a checkPermission API
Posted by Nicolas Peltier <pe...@gmail.com>.
i was planning to make the API internal for 4.0, and use the outside one
later, so no change to the API surface.
Le ven. 7 août 2020 à 10:41, Oliver Lietz <ap...@oliverlietz.de> a écrit :
> On Friday, August 7, 2020 9:15:10 AM CEST Bertrand Delacretaz wrote:
> > On Fri, Aug 7, 2020 at 9:14 AM Nicolas Peltier
> >
> > <np...@adobe.com.invalid> wrote:
> > > ...Assuming we are good to go, should I use an internal API for now in
> > > pipes, and we discuss around moving it to a bundle later?...
> >
> > I think that's a good starting point.
>
> Nicolas, are you in hurry to get Pipes 4.0 out soon? I guess adding and
> switching the check requires (again) a major version.
>
> Regards,
> O.
>
>
> > -Bertrand
>
>
>
>
>
Re: [security] new use case for a checkPermission API
Posted by Oliver Lietz <ap...@oliverlietz.de>.
On Friday, August 7, 2020 9:15:10 AM CEST Bertrand Delacretaz wrote:
> On Fri, Aug 7, 2020 at 9:14 AM Nicolas Peltier
>
> <np...@adobe.com.invalid> wrote:
> > ...Assuming we are good to go, should I use an internal API for now in
> > pipes, and we discuss around moving it to a bundle later?...
>
> I think that's a good starting point.
Nicolas, are you in hurry to get Pipes 4.0 out soon? I guess adding and
switching the check requires (again) a major version.
Regards,
O.
> -Bertrand
Re: [security] new use case for a checkPermission API
Posted by Bertrand Delacretaz <bd...@apache.org>.
On Fri, Aug 7, 2020 at 9:14 AM Nicolas Peltier
<np...@adobe.com.invalid> wrote:
>
> ...Assuming we are good to go, should I use an internal API for now in pipes,
> and we discuss around moving it to a bundle later?...
I think that's a good starting point.
-Bertrand
Re: [security] new use case for a checkPermission API
Posted by Nicolas Peltier <np...@adobe.com.INVALID>.
Assuming we are good to go, should I use an internal API for now in pipes, and we discuss around moving it to a bundle later?
Nicolas
On 06/08/2020 16:48, "Bertrand Delacretaz" <bd...@apache.org> wrote:
Hi,
On Thu, Aug 6, 2020 at 4:00 PM Nicolas Peltier <np...@apache.org> wrote:
> ...we have
> if i count correctly at least 2 legit usages of this (clam & pipes), which
> is enough for legitimizing an API, right?...
I think so, and there's been several cases already where permissions
on arbitrary-named operations (like "execute Sling Pipes via HTTP" in
your case) can help.
-Bertrand
> [0] https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fissues.apache.org%2Fjira%2Fbrowse%2FSLING-9556&data=02%7C01%7Cnpeltier%40adobe.com%7Cc143de6b45d0412dcc4008d83a17d753%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637323221356938169&sdata=E2lDv0O8Eu6kttRvm2JzIwuLgFsOTcqnlqmRQL7zQsE%3D&reserved=0
> [1]
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.apache.org%2Fthread.html%2Fe949e6328729e493ec0028642173228933ebf6d9b322da5aa0dd64d3%2540%253Cdev.sling.apache.org%253E&data=02%7C01%7Cnpeltier%40adobe.com%7Cc143de6b45d0412dcc4008d83a17d753%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637323221356938169&sdata=TvhmI0anfsb%2FmaN8EInCNHDNLDgWLHdCAuiDgGQnSEE%3D&reserved=0
> [2]
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.apache.org%2Fthread.html%2F72475f31d9dda5128528d67f491468b081c958e9c3b93924de633c3e%2540%253Cdev.sling.apache.org%253E&data=02%7C01%7Cnpeltier%40adobe.com%7Cc143de6b45d0412dcc4008d83a17d753%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637323221356938169&sdata=ly%2B6r%2Bry60bxEZRcoX2VLJWqnuVRDm5Zjha6yUKcTbM%3D&reserved=0
Re: [security] new use case for a checkPermission API
Posted by Bertrand Delacretaz <bd...@apache.org>.
Hi,
On Thu, Aug 6, 2020 at 4:00 PM Nicolas Peltier <np...@apache.org> wrote:
> ...we have
> if i count correctly at least 2 legit usages of this (clam & pipes), which
> is enough for legitimizing an API, right?...
I think so, and there's been several cases already where permissions
on arbitrary-named operations (like "execute Sling Pipes via HTTP" in
your case) can help.
-Bertrand
> [0] https://issues.apache.org/jira/browse/SLING-9556
> [1]
> https://lists.apache.org/thread.html/e949e6328729e493ec0028642173228933ebf6d9b322da5aa0dd64d3%40%3Cdev.sling.apache.org%3E
> [2]
> https://lists.apache.org/thread.html/72475f31d9dda5128528d67f491468b081c958e9c3b93924de633c3e%40%3Cdev.sling.apache.org%3E