New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add logic to handle patch requests that reference the root... #907
Conversation
- Removing "jcr:content" from authorization checks Partial resolution of: https://jira.duraspace.org/browse/FCREPO-1725
@@ -37,6 +37,9 @@ | |||
private static final Logger LOGGER = LoggerFactory | |||
.getLogger(FedoraUserSecurityContext.class); | |||
|
|||
// Defined here because FedoraJcrTypes is in fcrepo-http-api, which would create a cyclic dependency | |||
protected static final String JCR_CONTENT = "jcr:content"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FedoraJcrTypes
is in fcrepo-kernel-api, and if jcr:content
were defined there, I'm not sure that I see how a cyclic dependency would be created.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Try it, it is true.
fcrepo-http-api depends on fcrepo-auth-common (test). If fcrepo-auth-common were to also depend on fcrepo-http-api, a cycle would be formed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I disagree. See my pull request: awoods#4
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the PR.
Would you agree that your PR creates a dependency from fcrepo-auth-common on to fcrepo-http-api? This new dependency is coming transitively from some other artifact... but exists, nonetheless. If you explicitly add the dependency into fcrepo-auth-common's pom.xml, Maven complains.
Are you comfortable relying on this transitive coupling?
Am I missing something?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We're talking about different things.
This PR creates a dependency on fcrepo-kernel-api
, not fcrepo-http-api
. If the dependency to fcrepo-kernel-api
is added to maven (which it should be: see my additional commit), there is no complaint. This was the whole point, a few weeks ago, in removing fcrepo-mint
from the kernel-api: that way the kernel-api is a the very bottom of food-chain, as it were, and any other module should freely be able to use it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, if there is any problem with any module at all using the API, that is a massive architecture failure. The API should be independent of everything else. I'm not saying it is, I'm saying that such is the condition for which we must be working.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, @acoburn. You are correct, I was transposing fcrepo-http-api
for fcrepo-kernel-api
.
define jcr:content in FedoraJcrTypes class
Merged via 249977c |
Partial resolution of: https://jira.duraspace.org/browse/FCREPO-1725