all/src/main/content/jcr_root/apps/acs-commons/config/org.apache.sling.jcr.repoinit.RepositoryInitializer-acs-commons-all.config from Adobe-Consulting-Services/acs-aem-commons

all/src/main/content/jcr_root/apps/acs-commons/config/org.apache.sling.jcr.repoinit.RepositoryInitializer-acs-commons-all.config
Summary

Maintainability

Test Coverage

Issues
scripts=[
"
# These paths must exist otherwise the following ACL applicaiton will fail, resulting in err'ing build 
create path /content/cq:tags(sling:Folder)
create path /etc/packages(sling:Folder)

# create default contextual configuration for redirects: /conf/global/settings/redirects
create path /conf/global(sling:Folder)
create path /conf/global/settings(sling:Folder)
create path /conf/global/settings/redirects(nt:unstructured)

# See https://github.com/Adobe-Consulting-Services/acs-aem-commons/commit/246afa6746abf1678975bc68f8ecb9a983548d36
create path /var/acs-commons(nt:folder)
set ACL for everyone
    allow jcr:read on /var/acs-commons
end

create path /etc/acs-commons(sling:OrderedFolder)
create path /etc/acs-commons/redirect-maps(sling:OrderedFolder)
create path /etc/acs-commons/redirect-maps/jcr:content(nt:unstructured)
set ACL for everyone
    allow jcr:read on /etc/acs-commons/redirect-maps
end

# Not supported in 6.4.8
#set properties on /conf/global/settings/redirects
#  set sling:resourceType{String} to acs-commons/components/utilities/manage-redirects/redirects
#end

# user to invalidate cached redirects on change
create service user acs-commons-manage-redirects-service with path system/acs-commons
set ACL for acs-commons-manage-redirects-service
    allow jcr:read on /
    allow jcr:read on /conf
end

# Marketo config service needs to be able to read /conf and /content
create service user acs-commons-marketo-conf-service with path system/acs-commons
set ACL for acs-commons-marketo-conf-service
    allow jcr:read on /conf
    allow jcr:read on /content
end

# web requests need read access to redirect configurations, e.g. /conf/global/settings/redirects
set ACL for everyone
    allow jcr:read on /conf  restriction(rep:glob,/*/settings/redirects)
    allow jcr:read on /conf  restriction(rep:glob,/*/settings/redirects/*)
end

create service user acs-commons-automatic-package-replicator-service with path system/acs-commons
create path /etc/acs-commons/automatic-package-replication(sling:OrderedFolder)
set ACL for acs-commons-automatic-package-replicator-service
    allow jcr:read,jcr:versionManagement,rep:write,crx:replicate on /etc/packages
    allow jcr:read on /
    allow jcr:read on /etc/acs-commons/automatic-package-replication
end

# Component error handler
create service user acs-commons-component-error-handler-service with path system/acs-commons
set ACL for acs-commons-component-error-handler-service
    allow jcr:read on /content
    allow jcr:read on /apps
end

# Email Service
create service user acs-commons-email-service with path system/acs-commons
create path (sling:Folder) /etc/notification/email
set ACL for acs-commons-email-service
    allow jcr:read on /etc/notification/email
end

# Error page handler
create service user acs-commons-error-page-handler-service with path system/acs-commons
set ACL for acs-commons-error-page-handler-service
    allow jcr:read on /content
end

# HTTP Cache JCR storage provider
create service user acs-commons-httpcache-jcr-storage-service with path system/acs-commons
create path /var/acs-commons/httpcache(sling:Folder)
set ACL for acs-commons-httpcache-jcr-storage-service
    allow jcr:read, rep:write on /var/acs-commons/httpcache
end

# Share Component Properties
create service user acs-commons-shared-component-props-service with path system/acs-commons
set ACL for acs-commons-shared-component-props-service
    allow jcr:read on /apps
end

# Package Garbage Collection
create service user acs-commons-package-garbage-collection-service with path system/acs-commons
set ACL for acs-commons-package-garbage-collection-service
    allow jcr:read, rep:write on /etc/packages
end

# AEM 6.5 - Root ACLs
create service user acs-commons-dispatcher-flush-service with path system/acs-commons
set ACL for acs-commons-dispatcher-flush-service
    allow jcr:read,crx:replicate,jcr:removeNode on /
end

# AEM 6.5 - Ensure Service User
create service user acs-commons-ensure-service-user-service with path system/acs-commons
set ACL for acs-commons-ensure-service-user-service
    allow jcr:read, rep:write, jcr:readAccessControl, jcr:modifyAccessControl on /
    allow rep:userManagement on /home/users
    allow rep:userManagement on /home/groups
end

# AEM 6.5 - On Deploy Scripts
create service user acs-commons-on-deploy-scripts-service with path system/acs-commons
create path /var/acs-commons/on-deploy-scripts-status(sling:OrderedFolder)
set ACL for acs-commons-on-deploy-scripts-service
    allow jcr:read on /
    allow jcr:versionManagement, jcr:read, rep:write, jcr:lockManagement on /var/acs-commons/on-deploy-scripts-status
    allow jcr:versionManagement, jcr:read, rep:write, jcr:lockManagement, crx:replicate on /content
    allow jcr:versionManagement, jcr:read, rep:write, jcr:lockManagement on /etc
end

# AEM 6.5 - Ensure Oak Index
create service user acs-commons-ensure-oak-index-service with path system/acs-commons
set ACL for acs-commons-ensure-oak-index-service
    allow jcr:read on /apps
    allow jcr:read,rep:write,rep:indexDefinitionManagement on /oak:index
end
"
]