A security loader, along the lines of the contentloader to make it possible to
populate ACL,s and Authorizables on startup
--------------------------------------------------------------------------------------------------------------------------
Key: SLING-981
URL: https://issues.apache.org/jira/browse/SLING-981
Project: Sling
Issue Type: New Feature
Components: JCR Contentloader
Reporter: Ian Boston
Th small tar to follow allows bundles to include a Sakai-Initial-Security (to
be renamed) header in the manifest that points to a json file containing acl
and authorizable setup for the repository. This may include users or groups as
required by the acl's and the acls. In for form
{
"principals" : [
{
"name":"owner",
"isgroup":"true",
"members":[],
"dynamic":"true"
},
{
"name":"everyone",
"isgroup":"true",
"members":[],
"dynamic":"true"
}
],
"acl" : [
{
"path":"/_private",
"principal":"owner",
"privil...@jcr:read":"granted",
"privil...@jcr:write":"granted"
},
{
"path":"/public",
"principal":"owner",
"privil...@jcr:read":"granted",
"privil...@jcr:write":"granted"
},
{
"path":"/public",
"principal":"everyone",
"privil...@jcr:read":"granted"
}
]
}
The code is largely based on the contentloader with quite a bit of copying
(ugly sorry), but since it may not be wanted in in some installations I feel
its better off in its own bundle. If its acceptable to have it in all
distributions, then obviusly it should be a patch to contentloader.
I looked and asked for this functionality already existing in Sling, but could
not find it hence the patch. If there is a better way of doing the same already
in the code base then closing this with "invalid" would be the right thing to
do.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
