Thanks Florian for the hint to class BasicPermissions. I would have expected this as an enum and therefore only looked in the ...enum package. Probably this does the job. An enum would have the advantage of a defined ordering which can be useful when checking rights (like "has at least read permission"). But this probably can be handled in the user code as well. I will check and adapt my sources.
For 1) I have created https://issues.apache.org/jira/browse/CMIS-517 Jens -----Original Message----- From: Florian Müller [mailto:[email protected]] Sent: Freitag, 23. März 2012 09:32 To: [email protected] Subject: RE: Setting an ACL Hi Jens, re 1) Yes, we can. Please open an improvement issue that we don't forget it. re 2) There is org.apache.chemistry.opencmis.commons.BasicPermissions. Is this want you are looking for? Cheers, Florian > No objections from my side. But if we touch this code I would like to > propose two more minor changes: > > 1) Because of the subtle differences between the bindings class > org.apache.chemistry.opencmis.commons.server.CmisService gets an extra > method applyAcl(). This however is not reflected in the LocalBinding. > I missed this in the unit tests where you want to test the behavior of > both bindings. Could we add this in the local binding? > > 2) Another piece I missed is an enum for the basic permissions. As a > replacement I used > org.apache.chemistry.opencmis.commons.impl.jaxb.EnumBasicPermissions. > This is exactly what I need, but directly accessing the JAXB classes > is contradicting our design ideas. Is there any reason not to add this > or just an oversight? > > Jens > > > > -----Original Message----- > From: Florian Müller [mailto:[email protected]] > Sent: Mittwoch, 21. März 2012 09:21 > To: [email protected] > Subject: Setting an ACL > > Hi, > > CMIS defines the applyAcl service to change the ACL of an object. > Unfortunately, there are subtle differences between the two bindings > that can cause confusion. > > Therefore, I propose we add a setAcl() method to OpenCMIS. This > method removes all direct permissions for all principals that are > stated in the ACL of an object and at the same time adds the ACL > provided by the application. That would effectively exchange all > direct permissions. > Obviously, propagation would not work with method but the semantics > for single objects would be clear regardless of the binding. > > WDYT? > > > Cheers, > > Florian
