On Thursday 14 July 2016 16:02:46 Carsten Ziegeler wrote: > I think we should have the service user concept and getting a service > user is pretty easy. So I don't see the need for something need, > competing with service users. > > We can discuss about a scripting service user which gets the required > access rights though
+1, see my comment in SLING-5252 from yesterday There should be a service user for scripting with limited read access to /apps and /libs (and maybe /etc). I see Radu's point in having a ResourceResolver provider in Scripting Core. All Scripting implementations (everyone!) could ask this provider for a "script reader" ResourceResolver which would call ResourceProviderFactory#getServiceResourceResolver(null) – instead of defining a service user mapping for every scripting implementation. Though it's up to the scripting implementations to close these resolvers. Regards, O. > Carsten > > > Hi, > > > > In the context of [1] and corroborated by the fact that repoinit was > > released, what's your opinion about defining a new service in > > o.a.s.scripting.api (implemented in o.a.s.scripting.core) that would > > provide ResourceResolvers with restricted access for o.a.s.scripting.* > > modules - for starters just one with read-only access to the search paths? > > > > This service could identify the common use cases for ResourceResolver > > usages in o.a.s.scripting.* and reduce potential code duplication. > > > > Thanks, > > Radu > > > > [1] - https://issues.apache.org/jira/browse/SLING-5254
