From dev-return-92235-archive-asf-public=cust-asf.ponee.io@sling.apache.org Fri Oct 5 10:35:28 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 4CA33180649 for ; Fri, 5 Oct 2018 10:35:28 +0200 (CEST) Received: (qmail 58079 invoked by uid 500); 5 Oct 2018 08:35:27 -0000 Mailing-List: contact dev-help@sling.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@sling.apache.org Delivered-To: mailing list dev@sling.apache.org Received: (qmail 58068 invoked by uid 99); 5 Oct 2018 08:35:27 -0000 Received: from mail-relay.apache.org (HELO mailrelay1-lw-us.apache.org) (207.244.88.152) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 05 Oct 2018 08:35:27 +0000 Received: from mail-lf1-f43.google.com (mail-lf1-f43.google.com [209.85.167.43]) by mailrelay1-lw-us.apache.org (ASF Mail Server at mailrelay1-lw-us.apache.org) with ESMTPSA id 23E31E1C for ; Fri, 5 Oct 2018 08:35:26 +0000 (UTC) Received: by mail-lf1-f43.google.com with SMTP id m80-v6so8757237lfi.12 for ; Fri, 05 Oct 2018 01:35:26 -0700 (PDT) X-Gm-Message-State: ABuFfoh6V5GHIX1i9PV0r8f8tGeEkaoD4gBzg2BfHKcqiBRAMwQJv+9h 4OHoaFTpK4cbv7oSJ/ebyz0ZDijkazlEte5ddZE= X-Google-Smtp-Source: ACcGV60vQmJnusFJHT3Us7NX++oqDxhp0DnUav06MNU6Y5m4udFrgPgJU7OaH4ZvauWYrjBpEH/6ZICtjW7eG5Ts0y0= X-Received: by 2002:a19:1346:: with SMTP id j67-v6mr5686205lfi.93.1538728525048; Fri, 05 Oct 2018 01:35:25 -0700 (PDT) MIME-Version: 1.0 References: <1538598403.1159726.1529716472.3C9A69BB@webmail.messagingengine.com> <7BE7B1BA-F02C-4DC7-ADD0-9C2DE169D318@apache.org> <5b6d3022-1252-7380-c2d6-c939d4fa741e@apache.org> <1538667562.1483199.1530812120.776C092D@webmail.messagingengine.com> <14c54999-5d11-ab56-f60f-609194f6afeb@apache.org> <1538671776.2504908.1530910352.3C8E4122@webmail.messagingengine.com> <8e14305b-27b5-03e7-d8b0-0c643eccfd49@apache.org> In-Reply-To: <8e14305b-27b5-03e7-d8b0-0c643eccfd49@apache.org> From: Bertrand Delacretaz Date: Fri, 5 Oct 2018 10:35:13 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [sling:resourceType] protected execution To: dev Content-Type: text/plain; charset="UTF-8" Hi, On Fri, Oct 5, 2018 at 6:52 AM Carsten Ziegeler wrote: > ...I would like to get briefly back to the use case of this "dangerous > servlet". Why isn't that servlet doing the permission checks which I > think is way safer than relying on additional magic somewhere else > (regardless of what it is)?... That servlet can of course do its own checks, but how? I don't think we have a recommended way of doing that, nor tools that help. The goal here is to define a standard way for how code running in Sling can check permissions, which can be as simple as void checkAllPermissions(ResourceResolver context, String ... permissionName) throws PermissionDeniedException One idea discussed earlier was to create a generic permissions checking service for that. Here I think Radu is taking the angle that such permissions are currently only needed for resource types, servlets and scripts, so this permissions API and impl can stay internal to the servlets resolver module for now. I think that works, provided that's designed in a way that allow us to take it out into a standalone module if needed later. -Bertrand