[
https://issues.apache.org/jira/browse/JCRVLT-427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17071682#comment-17071682
]
Konrad Windszus commented on JCRVLT-427:
----------------------------------------
I would propose an OSGi configuration for VaultPackages which allows to
configure
# authorizable ids (via membership or direct) which are allowed to install
packages with flag "requiresRoot"
(https://jackrabbit.apache.org/filevault/properties.html)
# authorizable ids (via membership or direct) which are allowed to install
packages with hooks
> Allow installation of packages with hook for users without admin privileges
> ---------------------------------------------------------------------------
>
> Key: JCRVLT-427
> URL: https://issues.apache.org/jira/browse/JCRVLT-427
> Project: Jackrabbit FileVault
> Issue Type: Improvement
> Components: vlt
> Reporter: Konrad Windszus
> Assignee: Konrad Windszus
> Priority: Major
> Fix For: 3.4.6
>
>
> Currently due to the check in
> https://github.com/apache/jackrabbit-filevault/blob/e257001ec22ea06bcc987cbf79f0cc9b15c4e186/vault-core/src/main/java/org/apache/jackrabbit/vault/packaging/impl/ZipVaultPackage.java#L184
> packages containing a hook can only be installed by admins.
> Although I do understand the intent of that I think this is not flexible
> enough as currently that only gives the rights to users "admin", "system" or
> members of group "administrators". Instead there should be an OSGi
> configuration which allows to configure to grant the right to install
> packages with hooks to other groups as well!
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
