Edith Chevrier wrote:
Hi,
i have the same troubles and i would like to change the Access
Controller before we release lenya-1.4 as follow:
The ac rights are inherited but it is possible to stop the inheritence
from one node, by "removing" the right. (adding the right with the
method:remove)
I thought about making the access controller revoke permissions as well
as grant them. But I think I'd rather leave the Access Controller only
grant permissions, but make it possible to not inherit from a parent node.
I think inherit on/off is much simpler to implement (I've got it working
with the code changes I posted to the list) and I can't think of any
combination of access controls that it would not be able to provide. Can
you see any disadvantages to this approach which would make your
approach more desirable?
I agree in principle that the metadata is a better place to store the
Policy information. Would the Policy interfaces be changed to allow
obtaining the info from the metadata?
Michael R
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
