You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Alex Deparvu (JIRA)" <ji...@apache.org> on 2017/07/21 08:19:01 UTC
[jira] [Resolved] (OAK-6461) Merge all security related validators
into a single hook
[ https://issues.apache.org/jira/browse/OAK-6461?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Deparvu resolved OAK-6461.
-------------------------------
Resolution: Fixed
Fix Version/s: 1.7.5
fixed with http://svn.apache.org/viewvc?rev=1802553&view=rev
> Merge all security related validators into a single hook
> --------------------------------------------------------
>
> Key: OAK-6461
> URL: https://issues.apache.org/jira/browse/OAK-6461
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: core, security
> Reporter: Alex Deparvu
> Assignee: Alex Deparvu
> Fix For: 1.7.5
>
> Attachments: OAK-6461.patch
>
>
> I'd like to see if it's feasible to merge all security related validators into a single hook, instead of a hook per _SecurityConfiguration_.
> Pros
> * all validators will be merged into a single hook, meaning processing will happen via a single diff over the content
> Cons
> * order of hooks will change, there will be commit hooks first, all aggregated validators next and post validation hooks last. I don't think there's any issue with validation itself as all data added by the hooks will be visible to the composite validator.
> This is how the chaining looks like in the current setup:
> {noformat}
> EditorHook :
> (TokenValidatorProvider),
> VersionablePathHook,
> EditorHook :
> (CompositeEditorProvider : ([
> PermissionStoreValidatorProvider,
> PermissionValidatorProvider,
> AccessControlValidatorProvider])),
> EditorHook :
> (PrivilegeValidatorProvider),
> EditorHook :
> (CompositeEditorProvider : ([
> UserValidatorProvider,
> CacheValidatorProvider])),
> PermissionHook,
> JcrAllCommitHook
> {noformat}
> If we merged them, this is the result:
> {noformat}
> VersionablePathHook,
> EditorHook :
> (CompositeEditorProvider : ([
> PermissionStoreValidatorProvider,
> PermissionValidatorProvider,
> AccessControlValidatorProvider,
> UserValidatorProvider,
> CacheValidatorProvider,
> PrivilegeValidatorProvider,
> TokenValidatorProvider])),
> PermissionHook,
> JcrAllCommitHook
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)