Hi,
On Mon, Nov 16, 2015 at 11:50 PM, Carsten Ziegeler <cziege...@apache.org> wrote:
> ...do we have a solution now on how to
> define the service user and ACLs in the provisioning model?...
I'm hoping to find time to work on this soon, for now I had a look at
the ideas in JCRVLT-61 and chatted with Robert and we came up with the
following suggestions for two simple mini-languages that we can use in
our provisioning model:
a) Creating service users (this one is definitely a micro-language ;-)
# comments and blank lines are supported of course
create service user printService,someService
delete service user printService,anotherService
b) Setting ACLS from our provisioning model:
# comments and blank lines are supported of course
set ACL on /libs,/apps with glob */install/*
remove * for user1,user2
allow jcr:read for user1,user2
deny jcr:write for user2
deny jcr:lockManagement for user1
end
Both mini-languages should be implemented in their own modules so as
to be reusable in other contexts, automated tests for example, and
maybe JCRVLT-61 if the Oak folks are interested.
I have created https://issues.apache.org/jira/browse/SLING-5355 for
this, if someone needs it and can help feel free to jump in!
-Bertrand
