[ https://issues.apache.org/jira/browse/SLING-9692?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17230471#comment-17230471 ]
Angela Schreiber edited comment on SLING-9692 at 11/12/20, 9:17 AM: -------------------------------------------------------------------- [~rombert], [~dsuess], IMHO the issue should be 2-fold: - if content packages contain principal-based access control policies the converter should recognize them and generate the correct repoinit statements: i.e. policy nodes that have primary type {{rep:PrincipalPolicy}} should be converted to repo-init statement {{set principal ACL for principalName [...]}}. note that Jackrabbit fVault has been adjusted to support principal-based policies in content packages, so those might actually show up. - second there should be an option to convert resource-based access control setup for service users as defined in the content packages to principal-based access control setup in repo-init: ** make sure service users are created below the supported location ** generate principal-based access control statements instead of resource-based ac ** note: in contrast to resource-based access control the target nodes where the entries will take effect are not required to exist at the time the ac setup is defined. was (Author: anchela): [~rombert], [~dsuess], IMHO the issue should be 2-folded: - if content packages contain principal-based access control policies the converter should recognize them and generate the correct repoinit statements: i.e. policy nodes that have primary type {{rep:PrincipalPolicy}} should be converted to repo-init statement {{set principal ACL for principalName [...]}}. note that Jackrabbit fVault has been adjusted to support principal-based policies in content packages, so those might actually show up. - second there should be an option to convert resource-based access control setup for service users as defined in the content packages to principal-based access control setup in repo-init: ** make sure service users are created below the supported location ** generate principal-based access control statements instead of resource-based ac ** note: in contrast to resource-based access control the target nodes where the entries will take effect are not required to exist at the time the ac setup is defined. > Add support for principal-based access control entries > ------------------------------------------------------ > > Key: SLING-9692 > URL: https://issues.apache.org/jira/browse/SLING-9692 > Project: Sling > Issue Type: Improvement > Components: Content-Package to Feature Model Converter > Reporter: Robert Munteanu > Priority: Major > Fix For: Content-Package to Feature Model Converter 1.1.2 > > > When passed a content package that contains principal-based access control > entries, the converter ignores them. It should instead generate the proper > repoinit statements. -- This message was sent by Atlassian Jira (v8.3.4#803005)