Michael,
I completely agree with you.
All,
The reason I think this is very important for a complete ACL based
access system.
I have developed an admin UI for slide repository and the challenge
we are facing is that whenever a principal is assigned a permission
Guys,
There was another email thread like this recently regarding a users need to
have the read bit on a folder to navigate through it to get to children. I
worked on an authorization product at one time and our solution was to
define another permission called traverse that would permit a user
All,
I think it would be an extremely important feature to have (rather
it's a handicap not to have that feature), how do you go about proposing to
the DAV acl spec group, I have never done that?
Krishna
-Original Message-
From: Warwick Burrows [mailto:[EMAIL PROTECTED]
Sent:
There was another email thread like this recently regarding a users need to
have the read bit on a folder to navigate through it to get to children. I
worked on an authorization product at one time and our solution was to
define another permission called traverse that would permit a user to
Exactly, and that's a perfect use case as most people are familiar with it.
Warwick
-Original Message-
From: Oliver Zeigermann [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 28, 2004 3:22 PM
To: Slide Users Mailing List
Subject: Re: Adding a non-inheritable permission to a
One thing I'd like to point out is the read permission in Unix gives the
capability to see the contents of the directory. In contrast, read in
webdav only gives the capability to see the collection and the
properties of the collection... if the permission doesn't inherit.
-James
On Thu,
Ingo Brunberg wrote:
The ACL spec states that you cannot modify an inherited or protected
ACE.
What about adding a new ACE? I'm not sure. If you add an ACE to a
collection, isn't it automatically inheritable? Might that depend on a
particular server implementation? I guess no implementation would
You can't set a permission that is inherited. Inherited means the ACE
is really inherited (believe me) from a parent resource.
In fact you should filter the ACEs with the inherited flag set before
calling the aclMethod(). Luckily the client library does this for you.
Ingo
Hi,
I have
Jason,
Do you mean to say that it is not possible to set a permission to a
folder that would not inherit to its children. Somehow if I set a
permission in Domain.xml with inheritable=false, it does not job (I know it
uses slide API directly). This contradicts your statement. Also, I am
Michael,
I did not get your sentence
So this means that you may be unable to preserve the meaning of existing
ACEs when adding a new one.
Although it is true that you cannot add/remove/modify each ace individually,
. adding a new ace will not alter the meaning of existing aces at
Ingo,
Why is Ace class exposing its isInherited member variable if cannot
be set explicitly. It also has a mutator method called setIsInherited(). If
value set to false, it works. If set to true it just doesn't do anything
(does not throw error too). Seems like a bug.
Also, using
11 matches
Mail list logo