[jira] [Reopened] (SLING-11243) Allow modifying an ace with more specific restriction details
[ https://issues.apache.org/jira/browse/SLING-11243?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Eric Norman reopened SLING-11243: - > Allow modifying an ace with more specific restriction details > - > > Key: SLING-11243 > URL: https://issues.apache.org/jira/browse/SLING-11243 > Project: Sling > Issue Type: New Feature >Reporter: Eric Norman >Assignee: Eric Norman >Priority: Major > Fix For: JCR Jackrabbit Access Manager 3.1.0 > > Time Spent: 2.5h > Remaining Estimate: 0h > > Support for modifying an ace with more specific details to support advanced > usage of privileges with restrictions. > These are a few of the use cases: > # Setting a restriction for a specific privilege instead of for all > privileges > # Removing a restriction from a specific privilege > # Privilege can set for the 'allow' and 'deny' state at the same time if > those have different restrictions > # Privilege can be unset for 'allow' or 'deny' state while leaving the other > state alone > > The proposal is to supporting these additional request parameters: > > {code:java} > One param for each privilege to delete. The parameter value must be either > 'allow', 'deny' or 'all' to specify which state to delete from. > privilege@[privilege_name]@Delete > One param for each restriction value. The same parameter name may be used > again for multi-value restrictions. The @Allow or @Deny suffix specifies > whether to apply the restriction to the 'allow' or 'deny' privilege. The > value is the target value of the restriction to be set. > restriction@[privilege_name]@[restriction_name]@Allow > restriction@[privilege_name]@[restriction_name]@Deny > One param for each restriction to delete. The parameter value must be either > 'allow', 'deny' or 'all' to specify which state to delete from. > restriction@[privilege_name]@[restriction_name]@Delete {code} > > For consistency, also extend the values allowed for the > "privilege@[privilege_name]" parameter to accept 'allow' or 'deny' as aliases > for 'granted' or 'denied'. -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Reopened] (SLING-11243) Allow modifying an ace with more specific restriction details
[ https://issues.apache.org/jira/browse/SLING-11243?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Eric Norman reopened SLING-11243: - Re-opening to fix some bugs found by additional testing > Allow modifying an ace with more specific restriction details > - > > Key: SLING-11243 > URL: https://issues.apache.org/jira/browse/SLING-11243 > Project: Sling > Issue Type: New Feature >Reporter: Eric Norman >Assignee: Eric Norman >Priority: Major > Fix For: JCR Jackrabbit Access Manager 3.0.12 > > Time Spent: 1h 20m > Remaining Estimate: 0h > > Support for modifying an ace with more specific details to support advanced > usage of privileges with restrictions. > These are a few of the use cases: > # Setting a restriction for a specific privilege instead of for all > privileges > # Removing a restriction from a specific privilege > # Privilege can set for the 'allow' and 'deny' state at the same time if > those have different restrictions > # Privilege can be unset for 'allow' or 'deny' state while leaving the other > state alone > > The proposal is to supporting these additional request parameters: > > {code:java} > One param for each privilege to delete. The parameter value must be either > 'allow', 'deny' or 'all' to specify which state to delete from. > privilege@[privilege_name]@Delete > One param for each restriction value. The same parameter name may be used > again for multi-value restrictions. The @Allow or @Deny suffix specifies > whether to apply the restriction to the 'allow' or 'deny' privilege. The > value is the target value of the restriction to be set. > restriction@[privilege_name]@[restriction_name]@Allow > restriction@[privilege_name]@[restriction_name]@Deny > One param for each restriction to delete. The parameter value must be either > 'allow', 'deny' or 'all' to specify which state to delete from. > restriction@[privilege_name]@[restriction_name]@Delete {code} > > For consistency, also extend the values allowed for the > "privilege@[privilege_name]" parameter to accept 'allow' or 'deny' as aliases > for 'granted' or 'denied'. -- This message was sent by Atlassian Jira (v8.20.7#820007)