Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-10210

Option to enforce service-user-mapping with principal names

    XMLWordPrintableJSON

Details

    Description

      kpauls, with the improvements made with SLING-10070 the converter is able to refactor service users and permission setup defined in content packages to use principal-based access control setup.

      however, service users listed in mappings by userid are currently omitted from the refactoring (see SLING-10070 for reasoning).
      looking at usages in AEM instances i noticed however, that a majority of those mappings don't seem to actively rely on group membership and could probably safely been altered to mappings with the preferable format 'service:subservice=[principal-name]'.

      therefore i would like to suggest to introduce another configuration option to enforce the new mapping format.

      • if enabled all mappings with format 'service:subservice=userid' would be converted by being passed to the feature-model and all service users from content packages would be refactored in case option 'enforce-principal-based-setup' is enabled.
      • if disabled mappings would be converted to feature model as defined and the option introduced with SLING-10070 would work as today.

      wdyt?

      Attachments

        Issue Links

          Activity

            People

              angela Angela Schreiber
              angela Angela Schreiber
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: