Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-10467

Converted content package referres to paths moved to repo-init

    XMLWordPrintableJSON

Details

    Description

      kpauls, in the light of the enforce-principal-based-supported-path configuration option i had a look at the converted content packages, which probably need to be used instead of the original packages if the modifications applied by converted are not to be reverted by later installing the original content package.

      i therefore created a simple test content package demo-cp.zip that contains:

      • a regular user in 'demo-cp' subfolder
      • a regular group in 'demo-cp' subfolder
      • a bunch of service users both with resource-based and principal-based ac setup
      • content root at /demo-cp with a ac-policy (entries for user, group and service user)
      • a serviceusermapping configuration below /apps/demo-cp
        and had the converter generate demo-cp-0.0.0-cp2fm-converted.zip

      when trying to install the converted content package on a repository that content for service users and below /apps installed, i noticed that the converted package will actually remove that content.
      i suspect that this is caused by META_INF/vault/filter.xml and/or META-INF/vault/definition/content.xml still referring to those parts that got 'moved' to repo-init. in case of the dependency/.content.xml it states that the import mode is replace (same as in original package).

      maybe my test package is not correct.... but I would have expected that the paths that have been installed by repo-init statements should no longer be covered by the converted package (everything below /apps and /home/users/system) or/and should have the import-mode changed to the deprecated MERGE or new MERGE_PROPERTIES. the latter would be needed for any kind of resource-based AC setup for service users at mutable content nodes (NOTE: doesn't apply in case ac-setup for service users is migrated to principal-based authorization which entirely resides below the service user home).

      edge case: if regular users were to be located below /home/users/system excluding that path from the package definition obviously doesn't work.... changing import mode would be required. alternatively: spotting regular users below home/users/system and abort converter.

      wdyt?

      Attachments

        1. demo-cp-0.0.0-cp2fm-converted.zip
          6 kB
          Angela Schreiber
        2. demo-cp.zip
          16 kB
          Angela Schreiber

        Issue Links

          is blocked by

          Bug - A problem which impairs or prevents the functions of the product. SLING-10571 Hardcoded application paths in VaultPackageUtils.detectPackageType

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open
          Testing discovered

          Improvement - An improvement or enhancement to an existing feature or task. SLING-10481 Review filter.xml creation for content package output of converter

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #92

          Activity

            People

              angela Angela Schreiber
              angela Angela Schreiber
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: