[jira] [Commented] (OAK-6516) Consider reordering the index-update-hook to reside with other post-commit-hooks

Thu, 03 Aug 2017 01:44:18 -0700 

    [ 
https://issues.apache.org/jira/browse/OAK-6516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16112419#comment-16112419
 ] 

angela commented on OAK-6516:
-----------------------------

[~chetanm], please note that your list only applies for typical 
Oak-out-of-the-box setup scenarios. For Adobe AEM the validators and commit 
hooks provided by {{oak-authorization-cug}} and {{oak-auth-external}} also need 
to be listed!

>From the list above following hooks are provided by the different security 
>modules and may differ depending on the actual security setup of a given oak 
>repository:

retrieved from {{SecurityConfiguration.getValidators}} are
{code}
     - PermissionStoreValidatorProvider
     - PermissionValidatorProvider
     - AccessControlValidatorProvider
     - PrivilegeValidatorProvider
     - UserValidatorProvider
     - CacheValidatorProvider
     - TokenValidatorProvider
    and additionally
     - CugValidatorProvider
     - ExternalIdentityValidatorProvider
{code}
 
retrieved from {{SecurityConfiguration.getCommitHooks}} are:

{code}
    - VersionablePathHook
{code}

and the following {{PostValidationHook}}

{code}
   - PermissionHook
   - JcrAllCommitHook
   and additionally
   - NestedCugHook
{code}

> Consider reordering the index-update-hook to reside with other 
> post-commit-hooks
> --------------------------------------------------------------------------------
>
>                 Key: OAK-6516
>                 URL: https://issues.apache.org/jira/browse/OAK-6516
>             Project: Jackrabbit Oak
>          Issue Type: Task
>          Components: core, indexing
>            Reporter: angela
>
> Currently the index-update hook is located together with other commit 
> validators and is followed by the security related validators that are 
> plugged to the final commit hook upon each call to {{Root.commit}} to allow 
> for proper pluggability of security modules.
> Consequently a given commit may fail with some security related validation 
> only after the index updated has been proceeded already. 
> I would like to discuss the possibility to treat the index-update like a 
> post-commit-hook that is only executed after all validation has been 
> performed. In the security area this is achieved by collecting the validator 
> separately from the post-commit-hooks.
> [~stillalex], [~tmueller], I would appreciate if we could discuss this topic 
> as well as possible implications/regressions that might be associated with it.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to