mohiaror commented on a change in pull request #40: URL: https://github.com/apache/sling-org-apache-sling-distribution-core/pull/40#discussion_r414123346
########## File path: src/main/java/org/apache/sling/distribution/agent/impl/PrivilegeDistributionRequestAuthorizationStrategy.java ########## @@ -68,8 +76,8 @@ public void checkPermission(@NotNull ResourceResolver resourceResolver, @NotNull private void checkPermissionForAdd(Session session, String[] paths) throws RepositoryException, DistributionException { AccessControlManager acMgr = session.getAccessControlManager(); - - Privilege[] privileges = new Privilege[]{acMgr.privilegeFromName(jcrPrivilege), acMgr.privilegeFromName(Privilege.JCR_READ)}; + additionalJcrPrivilegesForAdd = additionalJcrPrivilegesForAdd != null ? additionalJcrPrivilegesForAdd : new String[] {Privilege.JCR_READ}; Review comment: If the config does not contain values of additionalJcrPrivilegesForAdd or additionalJcrPrivilegesForDelete (as is the case with default config right now) then we switch to using the earlier defaults, viz., JCR_READ and JCR_REMOVE_NODE, respectively as captured in the code. Do you mean something else? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org