Expand my Community achievements bar.

Can we have same ACLSetup(com.day.cq.security.ACLSetup) file present in two maven projects

Avatar

Level 4

I have doubt related to com.day.cq.security.ACLSetup file which is used for providing different permissions at mentioned nodes for different groups.

Consider I have two maven projects. Project-1 and Project-2

Project 1 contains below ACLs which are stored in com.day.cq.security.ACLSetup file. This file is located at /apps/Project-1/config.author.dev/com.day.cq.security.ACLSetup

  • ACL1: allow;jcr:read;test-project1-user;/apps/project-1
  • ACL2: allow;jcr:read;test-project1-user;/content/dam/project-1

Project 2 contains below ACLS which are stored in com.day.cq.security.ACLSetup file. This file is located at /apps/Project-2/config.author.dev/com.day.cq.security.ACLSetup

  • ACL3: allow;jcr:read;test-project2-user;/apps/project-2
  • ACL4: allow;jcr:read;test-project2-user;/content/dam/project-2

After installing the Project 1 on vanilla instance, DAY CQ ACL Setup Service file present in ConfigMgr screen contains both ACL1 and ACL2.

If I install the project 2 on vanilla instance, whether DAY CQ ACL Setup Service present in ConfigMgr screen should show all ACLs (ACL1,ACL2,ACL3,ACL4) or  ACL3 and ACL4 only.

Please let me know your inputs whether it will override or append ACLs to DAY CQ ACL Setup Service(com.day.cq.security.ACLSetup) after installing project-2 ?

3 Replies

Avatar

Level 10

If you install only Project2 - then you should have ACL 3 and 4. Is this what you are observing? 

Avatar

Level 4

I missed to add one point to make it clear. I want to install both project-1 and project-2 one by one on same vanilla instance.

So First I will install Project 1 and then install Project 2. 

Currently I am installing both projects one by one. ACLs to DAY CQ ACL Setup Service(com.day.cq.security.ACLSetup) shows  ACL3 and ACL4 only.

Is there any way to append the project-2 related ACLs(ACL3 and ACL4 ) to project-1 related ACLs by adding any property in OSGI config at config.author.dev for project-2 ?

Avatar

Employee Advisor

Hi,

IIRC the package manager cannot merge the content of a package with the content within the JCR repository on a property level, that means if a property is a multi-value property, you cannot append entries to it.

Also for consistency I would recommend to have all config contained in a single content package. When you need to maintain distinct content packages with distinct configurations, but there is also a requirement to have them all applied on a single instance ... that sounds really strange and you should rethink your packaging design.

Jörg