You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "angela (JIRA)" <ji...@apache.org> on 2018/05/17 16:38:00 UTC
[jira] [Updated] (OAK-7498) Security code should not depend on
implementation details in oak-core
[ https://issues.apache.org/jira/browse/OAK-7498?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
angela updated OAK-7498:
------------------------
Description:
[~stillalex], I have been looking at the remaining dependencies of the oak security code base to implementation details in oak-core and found the following main categories (in order of frequency):
- dependency to 'plugins' like nodetype/namespace/version/identifier management, read-only (OAK-7499)
- dependency to indexing implementation details (mainly in repository initializers): {{IndexConstants, {{IndexUtils}} (OAK-7501), hardcoded {{*IndexProvider}} (OAK-7500)
- hardcoded {{RootProviderService}} and {{TreeProviderService}} in {{SecurityProviderBuilder}} and the deprecated {{SecurityProviderImpl}}
- one usage of {{ReadWriteVersionManager.getOrCreateVersionHistory}} in {{VersionablePathHook}}
- one usage of {{RootFactory.createSystemRoot}} in {{UserInitializer}} linked to the setup of indices.
IMO it would be desirable to get rid of these dependencies implementation details (at least in the security code base in an initial stage).
was:
[~stillalex], I have been looking at the remaining dependencies of the oak security code base to implementation details in oak-core and found the following main categories (in order of frequency):
- dependency to 'plugins' like nodetype/namespace/version/identifier management, read-only
- dependency to indexing implementation details (mainly in repository initializers): {{IndexConstants, {{IndexUtils}}, hardcoded {{*IndexProvider}}
- hardcoded {{RootProviderService}} and {{TreeProviderService}} in {{SecurityProviderBuilder}} and the deprecated {{SecurityProviderImpl}}
- one usage of {{ReadWriteVersionManager.getOrCreateVersionHistory}} in {{VersionablePathHook}}
- one usage of {{RootFactory.createSystemRoot}} in {{UserInitializer}} linked to the setup of indices.
IMO it would be desirable to get rid of these dependencies implementation details (at least in the security code base in an initial stage).
> Security code should not depend on implementation details in oak-core
> ---------------------------------------------------------------------
>
> Key: OAK-7498
> URL: https://issues.apache.org/jira/browse/OAK-7498
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: auth-external, auth-ldap, authorization-cug, core, security
> Reporter: angela
> Priority: Major
> Labels: m12n
>
> [~stillalex], I have been looking at the remaining dependencies of the oak security code base to implementation details in oak-core and found the following main categories (in order of frequency):
> - dependency to 'plugins' like nodetype/namespace/version/identifier management, read-only (OAK-7499)
> - dependency to indexing implementation details (mainly in repository initializers): {{IndexConstants, {{IndexUtils}} (OAK-7501), hardcoded {{*IndexProvider}} (OAK-7500)
> - hardcoded {{RootProviderService}} and {{TreeProviderService}} in {{SecurityProviderBuilder}} and the deprecated {{SecurityProviderImpl}}
> - one usage of {{ReadWriteVersionManager.getOrCreateVersionHistory}} in {{VersionablePathHook}}
> - one usage of {{RootFactory.createSystemRoot}} in {{UserInitializer}} linked to the setup of indices.
> IMO it would be desirable to get rid of these dependencies implementation details (at least in the security code base in an initial stage).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)