[SLING-9957] Hardcoded list of restriction names in RepPolicyEntryHandler.RepPolicyParser - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: Content-Package to Feature Model Converter 1.1.0
Component/s: Content-Package to Feature Model Converter
Labels:
None

Description

the code at

https://github.com/apache/sling-org-apache-sling-feature-cpconverter/blob/master/src/main/java/org/apache/sling/feature/cpconverter/handlers/RepPolicyEntryHandler.java#L121

hardcodes the names of the supported restrictions. while those listed are the restrictions currently supported by oak out of the box, oak allows for customization (see jackrabbit.apache.org/oak/docs/security/authorization/restriction.html) and the set of supported restrictions may also evolve in oak.

therefore the list should not be hardcoded. if obtaining the list of supported restrictions from oak is not an option, it might be better to assume that all child-properties of the protected rep:restrictions (primary type rep:Restrictions) node below a given access control entry are actually restrictions and treat them accordingly.

Attachments

Issue Links

links to

GitHub Pull Request #57

Activity

People

Assignee:: Angela Schreiber

Reporter:: Angela Schreiber

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 01/Dec/20 16:20

Updated:: 17/May/21 11:38

Resolved:: 20/Jan/21 14:55