Angela Schreiber created SLING-10210:
----------------------------------------
Summary: Option to enforce service-user-mapping with principal
names
Key: SLING-10210
URL: https://issues.apache.org/jira/browse/SLING-10210
Project: Sling
Issue Type: New Feature
Components: Content-Package to Feature Model Converter
Reporter: Angela Schreiber
[~kpauls], with the improvements made with SLING-10070 the converter is able to
refactor service users and permission setup defined in content packages to use
principal-based access control setup.
however, service users listed in mappings by userid are currently omitted from
the refactoring (see SLING-10070 for reasoning).
looking at usages in AEM instances i noticed however, that a majority of those
mappings don't seem to actively rely on group membership and could probably
safely been altered to mappings with the preferable format
'service:subservice=[principal-name]'.
therefore i would like to suggest to introduce another configuration option to
enforce the new mapping format.
- if enabled all mappings with format 'service:subservice=userid' would be
converted by being passed to the feature-model and all service users from
content packages would be refactored in case option
'enforce-principal-based-setup' is enabled.
- if disabled mappings would be converted to feature model as defined and the
option introduced with SLING-10070 would work as today.
wdyt?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
