Hi,
See below for a few comments about the recently added ResourceAccessSecurity.
IMO these show that this API will still evolve, which makes me think
that this belongs in the whiteboard for now - maybe using a forked
sling.api bundle if that's easier.
-Bertrand
Notes on ResourceAccessSecurity:
1) The javadoc says "* - Expected to only be implemented once in the
framework/application...", I'm not sure about that. If you have both a
filesystem and an HBase resource provider, they might use very
different implementations?
2) Notes as comments in the interface:
import org.apache.sling.api.resource.Resource;

public interface ResourceAccessSecurity {

    // Calling that canRead would be more consistent with other names
    public Resource checkReadPermission( Resource resource );

    // Having to extract username as a String feels a bit funny - maybe
    // you need an opaque ResourceCredentials object that the
    // ResourceResolver can provide based on a Request or Resource,
    // similar to JCR Sessions.
    public boolean canCreate( String absPathName, String user );

    public boolean canUpdate( Resource resource );
    public boolean canDelete( Resource resource );
    public boolean canExecute( Resource resource );

    public boolean canReadValue( Resource resource, String valueName );

    // Do we need both canCreate and canUpdate? To use canCreate you first
    // need to find out that the value doesn't exist, feels a bit weird.
    // Maybe canSetValue can cover both cases, by first checking if the
    // value exists
    public boolean canCreateValue( Resource resource, String valueName );
    public boolean canUpdateValue( Resource resource, String valueName );
    public boolean canDeleteValue( Resource resource, String valueName );

    // Does that rather belong to a QuerySecurity interface, what's
    // the use case?
    // Also, user vs. ResourceCredentials as above
    public String sanitizeQuery( String query, String language, String user )
        throws AccessSecurityException;
}
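To make the "canSetValue can cover both cases" remark and the missing-user problem concrete, here is an added example of one possible implementation of the interface quoted in the message. It is not code from the message or from the Sling project: the class name PathPrefixAccessSecurity, the path-prefix policy, the assumption that checkReadPermission returns null when access is denied, the use of ResourceResolver.getUserID() to recover the user for the methods that have no user parameter, and the AccessSecurityException(String) constructor are all assumptions made for the example. The policy is default deny: a user with no matching prefix gets nothing.

```java
import java.util.Collections;
import java.util.Map;
import java.util.Set;

import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ValueMap;

/**
 * Hypothetical default-deny implementation of the ResourceAccessSecurity
 * interface quoted above (example only, not Sling code).
 * Policy: each user has a set of path prefixes it may read under and a
 * set it may write under; anything else is denied. Because most methods
 * of the interface carry no user parameter, the user is recovered from
 * the resource's ResourceResolver.
 */
public class PathPrefixAccessSecurity implements ResourceAccessSecurity {

    private final Map<String, Set<String>> readPrefixes;   // user -> readable prefixes
    private final Map<String, Set<String>> writePrefixes;  // user -> writable prefixes

    public PathPrefixAccessSecurity(Map<String, Set<String>> readPrefixes,
                                    Map<String, Set<String>> writePrefixes) {
        this.readPrefixes = readPrefixes;
        this.writePrefixes = writePrefixes;
    }

    // Default deny: unknown user, null path or no matching prefix -> false.
    // A prefix matches the path itself or any descendant of it.
    private static boolean allowed(Map<String, Set<String>> policy, String user, String path) {
        if (user == null || path == null) {
            return false;
        }
        for (String prefix : policy.getOrDefault(user, Collections.<String>emptySet())) {
            String withSlash = prefix.endsWith("/") ? prefix : prefix + "/";
            if (path.equals(prefix) || path.startsWith(withSlash)) {
                return true;
            }
        }
        return false;
    }

    private static String userOf(Resource resource) {
        return resource == null ? null : resource.getResourceResolver().getUserID();
    }

    private boolean canWrite(Resource resource) {
        return resource != null && allowed(writePrefixes, userOf(resource), resource.getPath());
    }

    // Assumed contract: return the resource when readable, null when denied.
    @Override
    public Resource checkReadPermission(Resource resource) {
        if (resource != null && allowed(readPrefixes, userOf(resource), resource.getPath())) {
            return resource;
        }
        return null;
    }

    @Override
    public boolean canCreate(String absPathName, String user) {
        return allowed(writePrefixes, user, absPathName);
    }

    @Override public boolean canUpdate(Resource resource) { return canWrite(resource); }
    @Override public boolean canDelete(Resource resource) { return canWrite(resource); }
    // Executing a resource (e.g. a script) is treated as a write-level privilege here.
    @Override public boolean canExecute(Resource resource) { return canWrite(resource); }

    @Override
    public boolean canReadValue(Resource resource, String valueName) {
        return checkReadPermission(resource) != null;
    }

    @Override public boolean canCreateValue(Resource resource, String valueName) { return canWrite(resource); }
    @Override public boolean canUpdateValue(Resource resource, String valueName) { return canWrite(resource); }
    @Override public boolean canDeleteValue(Resource resource, String valueName) { return canWrite(resource); }

    /**
     * The canSetValue variant suggested in the message (not part of the
     * quoted interface): look up whether the value already exists and
     * dispatch to the create or update check, so callers need one method.
     */
    public boolean canSetValue(Resource resource, String valueName) {
        ValueMap values = resource == null ? null : resource.adaptTo(ValueMap.class);
        boolean exists = values != null && values.containsKey(valueName);
        return exists ? canUpdateValue(resource, valueName) : canCreateValue(resource, valueName);
    }

    // A user with no readable prefix at all may not query; otherwise the query
    // is passed through (assumes an AccessSecurityException(String) constructor).
    @Override
    public String sanitizeQuery(String query, String language, String user)
            throws AccessSecurityException {
        if (readPrefixes.getOrDefault(user, Collections.<String>emptySet()).isEmpty()) {
            throw new AccessSecurityException("user " + user + " has no read access");
        }
        return query;
    }
}
```

Two things the example makes visible: the value-level checks above have to reach back through the resource to find out who is asking, which is exactly the gap the ResourceCredentials remark points at, and sanitizeQuery can only answer a coarse yes/no here because a path-prefix policy has no natural way to rewrite an arbitrary query string, which is an argument for deciding the query use case before fixing that signature.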