[jira] Updated: (SLING-1411) Add replaceAccessControlEntry method to AccessControlUtil
[ https://issues.apache.org/jira/browse/SLING-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Felix Meschberger updated SLING-1411: - Fix Version/s: Launchpad Content 2.0.6 > Add replaceAccessControlEntry method to AccessControlUtil > - > > Key: SLING-1411 > URL: https://issues.apache.org/jira/browse/SLING-1411 > Project: Sling > Issue Type: Improvement > Components: JCR >Affects Versions: JCR Jackrabbit Access Manager 2.0.4 >Reporter: Ray Davis >Assignee: Eric Norman >Priority: Minor > Fix For: Launchpad Testing 6, Launchpad Content 2.0.6, JCR > ContentLoader 2.0.8, JCR Jackrabbit Access Manager 2.0.6 > > Attachments: SLING-1411.patch > > > ModifyAceServlet and DefaultContentCreator both have a need to merge new > privileges for a given principal to an existing resource ACL. Doing so > involves some rather complex logic which is easy to get wrong, and in the > Sakai 3 project, we found that quite a few service developers needed the same > functionality. This patch moves the functionality to a shared utility method > to eliminate any tempatations to copy-and-paste (or worse, rewrite > incorrectly). > Besides consolidating the logic (and removing it from ModifyAceServlet and > DefaultContentCreator), this patch introduces a couple of other changes: > * The ACE merge is more conservative. SLING-997 broke apart specified and > existing aggregated privileges and then tried to recombine them into possibly > new combinations. This patch instead maintains exactly what the client > specified and (when possible) what was already there, but does not create any > new aggregates of its own. This better matches Jackrabbit's default behavior, > should minimize client surprises, and eliminates a subtle bug: any candidate > aggregate privilege needs to be checked for "isAbstract()". > * The ModifyAceServlet JavaDoc is corrected and expanded. > * Some bad logging format is fixed. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (SLING-1411) Add replaceAccessControlEntry method to AccessControlUtil
[ https://issues.apache.org/jira/browse/SLING-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ray Davis updated SLING-1411: - Priority: Minor (was: Major) > Add replaceAccessControlEntry method to AccessControlUtil > - > > Key: SLING-1411 > URL: https://issues.apache.org/jira/browse/SLING-1411 > Project: Sling > Issue Type: Improvement > Components: JCR >Affects Versions: JCR Jackrabbit Access Manager 2.0.4 >Reporter: Ray Davis >Priority: Minor > Attachments: SLING-1411.patch > > > ModifyAceServlet and DefaultContentCreator both have a need to merge new > privileges for a given principal to an existing resource ACL. Doing so > involves some rather complex logic which is easy to get wrong, and in the > Sakai 3 project, we found that quite a few service developers needed the same > functionality. This patch moves the functionality to a shared utility method > to eliminate any tempatations to copy-and-paste (or worse, rewrite > incorrectly). > Besides consolidating the logic (and removing it from ModifyAceServlet and > DefaultContentCreator), this patch introduces a couple of other changes: > * The ACE merge is more conservative. SLING-997 broke apart specified and > existing aggregated privileges and then tried to recombine them into possibly > new combinations. This patch instead maintains exactly what the client > specified and (when possible) what was already there, but does not create any > new aggregates of its own. This better matches Jackrabbit's default behavior, > should minimize client surprises, and eliminates a subtle bug: any candidate > aggregate privilege needs to be checked for "isAbstract()". > * The ModifyAceServlet JavaDoc is corrected and expanded. > * Some bad logging format is fixed. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (SLING-1411) Add replaceAccessControlEntry method to AccessControlUtil
[ https://issues.apache.org/jira/browse/SLING-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ray Davis updated SLING-1411: - Attachment: SLING-1411.patch > Add replaceAccessControlEntry method to AccessControlUtil > - > > Key: SLING-1411 > URL: https://issues.apache.org/jira/browse/SLING-1411 > Project: Sling > Issue Type: Improvement > Components: JCR >Affects Versions: JCR Jackrabbit Access Manager 2.0.4 >Reporter: Ray Davis > Attachments: SLING-1411.patch > > > ModifyAceServlet and DefaultContentCreator both have a need to merge new > privileges for a given principal to an existing resource ACL. Doing so > involves some rather complex logic which is easy to get wrong, and in the > Sakai 3 project, we found that quite a few service developers needed the same > functionality. This patch moves the functionality to a shared utility method > to eliminate any tempatations to copy-and-paste (or worse, rewrite > incorrectly). > Besides consolidating the logic (and removing it from ModifyAceServlet and > DefaultContentCreator), this patch introduces a couple of other changes: > * The ACE merge is more conservative. SLING-997 broke apart specified and > existing aggregated privileges and then tried to recombine them into possibly > new combinations. This patch instead maintains exactly what the client > specified and (when possible) what was already there, but does not create any > new aggregates of its own. This better matches Jackrabbit's default behavior, > should minimize client surprises, and eliminates a subtle bug: any candidate > aggregate privilege needs to be checked for "isAbstract()". > * The ModifyAceServlet JavaDoc is corrected and expanded. > * Some bad logging format is fixed. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.