You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by GitBox <gi...@apache.org> on 2022/11/06 20:43:21 UTC
[GitHub] [sling-org-apache-sling-jcr-jackrabbit-accessmanager] enapps-enorman opened a new pull request, #16: SLING-11243 avoid an ambiguous ACE definition
enapps-enorman opened a new pull request, #16:
URL: https://github.com/apache/sling-org-apache-sling-jcr-jackrabbit-accessmanager/pull/16
If any leaf privilege has different restrictions than a contained aggregate parent privilege, then the parent should not be set and the non-conflicting ancestors should be set instead to avoid an ambiguous definition.
For example, consider rep:write being allowed and then the leaf rep:removeProperties is also allowed but with restrictions with something like this:
```
curl -FprincipalId=slingshot1 \
-Fprivilege@rep:write=allow \
-Fprivilege@rep:removeProperties=allow \
-Frestriction@rep:removeProperties@rep:glob@Allow=/hello \
http://admin:admin@localhost:8080/starter.modifyAce.html
```
Expected that rep:write would not be marked as allowed, but the non-conflicting items in the rep:write aggregate privilege would be allowed.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscribe@sling.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [sling-org-apache-sling-jcr-jackrabbit-accessmanager] sonarcloud[bot] commented on pull request #16: SLING-11243 avoid an ambiguous ACE definition
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #16:
URL: https://github.com/apache/sling-org-apache-sling-jcr-jackrabbit-accessmanager/pull/16#issuecomment-1304892827
Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16)
[](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&resolved=false&types=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&metric=new_coverage&view=list) [100.0% Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=16&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscribe@sling.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [sling-org-apache-sling-jcr-jackrabbit-accessmanager] enapps-enorman merged pull request #16: SLING-11243 avoid an ambiguous ACE definition
Posted by GitBox <gi...@apache.org>.
enapps-enorman merged PR #16:
URL: https://github.com/apache/sling-org-apache-sling-jcr-jackrabbit-accessmanager/pull/16
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscribe@sling.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org