[ https://issues.apache.org/jira/browse/SLING-9971?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Karl Pauls closed SLING-9971. ----------------------------- > AclManagerTest/RepPolicyEntryHandlerTest : no tests for 'deny' entries > ---------------------------------------------------------------------- > > Key: SLING-9971 > URL: https://issues.apache.org/jira/browse/SLING-9971 > Project: Sling > Issue Type: Improvement > Components: Content-Package to Feature Model Converter > Reporter: Angela Schreiber > Assignee: Karl Pauls > Priority: Minor > Fix For: Content-Package to Feature Model Converter 1.1.0 > > > from what i can see there exists not a single test case for 'deny' access > control entries. while i agree that creating deny-entries for system users > should be considered bad practice, it's it possible with resource-based > access control setup (note though that principal-based access control setup > only allows for 'allow' entries, see > http://jackrabbit.apache.org/api/2.18/org/apache/jackrabbit/api/security/authorization/PrincipalAccessControlList.html#addEntry-java.lang.String-javax.jcr.security.Privilege:A- > and > http://jackrabbit.apache.org/oak/docs/security/authorization/principalbased.html#Implementation_Details). > unless the converter intended to prevent 'deny' entries from being used > (currently not the case), i think there should be at least 1 test that > verifies that deny entries will be properly converted. -- This message was sent by Atlassian Jira (v8.3.4#803005)