[
https://issues.apache.org/jira/browse/SLING-7268?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16273232#comment-16273232
]
Eric Norman commented on SLING-7268:
------------------------------------
It's still worth fixing since the same scenario would happen with the import
POST operation if you use JSON input that creates a user or group and an ACE
for that principal within the same transaction.
The solution appears to be the same as what was done to resolve SLING-6182
using what was pointed out in OAK-5496. We cannot successfully use
PrincipalManager#getPrincipal in oak without the session that created the
principal getting saved first (and a subsequent index update). The workaround
is to fallback to the UserManager#getAuthorizable API to locate the principal.
> unable to create principals and use principals in ACLs on import
> ----------------------------------------------------------------
>
> Key: SLING-7268
> URL: https://issues.apache.org/jira/browse/SLING-7268
> Project: Sling
> Issue Type: Bug
> Affects Versions: JCR ContentLoader 2.2.6
> Reporter: Andres Bott
> Priority: Minor
>
> Not able to use principals and ACLS on the same bundle when defining initial
> content
> ie:
> {
> "jcr:primaryType" : "sling:Folder",
> "security:principals": [
> { "name": "*user*", "password": "mypassword"}
> ],
> "security:acl": [
> { "principal": "*user*", "granted": ["jcr:read","jcr:write"] }
> ]
> }
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
