[OAK-7498] Security code should not depend on implementation details in oak-core - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: auth-external, auth-ldap, authorization-cug, core, security
Labels:
- m12n
- modularization

Description

stillalex, I have been looking at the remaining dependencies of the oak security code base to implementation details in oak-core and found the following main categories (in order of frequency):

dependency to 'plugins' like nodetype/namespace/version/identifier management, read-only (OAK-7499)
dependency to indexing implementation details (mainly in repository initializers): IndexConstants (OAK-7502), IndexUtils (OAK-7501), hardcoded *IndexProvider (OAK-7500)
hardcoded RootProviderService and TreeProviderService in SecurityProviderBuilder and the deprecated SecurityProviderImpl
one usage of ReadWriteVersionManager.getOrCreateVersionHistory in VersionablePathHook
one usage of RootFactory.createSystemRoot in UserInitializer linked to the setup of indices.

IMO it would be desirable to get rid of these dependencies implementation details (at least in the security code base in an initial stage).

Attachments

Issue Links

is blocked by

OAK-7527 Drop mandatory constraint on "rep:system" node for "rep:privileges"

Closed

Sub-Tasks

1.	Dependencies on various 'plugins'	Open	Unassigned
2.	Dependencies on QueryIndexProvider	Open	Unassigned
3.	Dependencies on IndexUtils	Open	Unassigned
4.	Dependency on IndexConstants in PermissionValidator	Open	Unassigned
5.	Drop mandatory constraint on "rep:system" node for "rep:privileges"	Closed	Alex Deparvu

Activity

People

Assignee:: Unassigned

Reporter:: Angela Schreiber

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 16/May/18 12:03

Updated:: 06/Jun/18 06:18