[ https://issues.apache.org/jira/browse/SLING-10127?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17299381#comment-17299381 ]
Angela Schreiber commented on SLING-10127: ------------------------------------------ [~kwin], thanks for highlighting that. very good point. in fact if content packages are installed as originally defined the effect of 'enforce principal-based ac-setup would actually be destroyed if the content packages comes with an import-mode that moves the existing service users. [~kpauls], i think we briefly touched this topic while fixing security issues with the converter but somehow assume that this is already the case. if it's not as [~kwin] reports this would need to be addressed. wdyt? > Keep modified content packages of type "content" > ------------------------------------------------ > > Key: SLING-10127 > URL: https://issues.apache.org/jira/browse/SLING-10127 > Project: Sling > Issue Type: Improvement > Components: Feature Model > Affects Versions: Content-Package to Feature Model Converter 1.0.24 > Reporter: Konrad Windszus > Priority: Major > > Currently in > https://github.com/apache/sling-org-apache-sling-feature-cpconverter/blob/a21667f65a2bd503bd752c3cc6fb842caac90d90/src/main/java/org/apache/sling/feature/cpconverter/ContentPackage2FeatureModelConverter.java#L343 > all generated/modified content packages of type "content" are just > disregarded. > If you have as input a content package of type "content" containing ACLs on > mutable nodes, system users and arbitrary other mutable nodes, the first two > are correctly extracted into a feature model but the content package is not > modified, leading to the fact that the ACLs and system users are still > contained in the content package. > IMHO a modified content-package should be given out (and kept) as that one > differs from the input content package! > Otherwise you would try to install system users/ACLs again when installing > the content package which might fail due to missing rights... -- This message was sent by Atlassian Jira (v8.3.4#803005)