[ https://issues.apache.org/jira/browse/SLING-7061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Timothee Maret reassigned SLING-7061: ------------------------------------- Assignee: Timothee Maret > Access control setup of repository-level permissions (i.e. null path) > --------------------------------------------------------------------- > > Key: SLING-7061 > URL: https://issues.apache.org/jira/browse/SLING-7061 > Project: Sling > Issue Type: Improvement > Components: Repoinit > Reporter: angela > Assignee: Timothee Maret > > If I am not mistaken it is currently not possible to create access control > setup for principals at the 'null' path, which according to JSR 283 is to be > used to setup repository level permissions such as > - node type definition management (i.e. registering new node types) > - namespace management (i.e. registering new namespaces) > - privilege management (i.e. registering new privileges) > - workspace management (i.e. creating/removing workspaces) > All of these operations are not bound to a path (like e.g. removing an item > or creating a new version for a given node) but instead take global effect on > the whole JCR repository... that's why permissions for these operations > cannot be granted at a given path. > In the default authorization model shipped with Jackrabbit and Oak the -null- > path access control policy is stored with a dedicated _rep:repoPolicy_ node > located with the root node and > For service user definitions we need to be able to define entries for the > -null- path policy for the reasons explained above. Thanks for extending the > repo-init accordingly. -- This message was sent by Atlassian JIRA (v6.4.14#64029)