DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42952>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42952 [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #20566|0 |1 is obsolete| | ------- Additional Comments From [EMAIL PROTECTED] 2007-08-07 03:03 ------- Created an attachment (id=20609) --> (http://issues.apache.org/bugzilla/attachment.cgi?id=20609&action=view) extends the UsecaseAuthorizerImpl to check page access as well ok, here is a vastly less intrusive approach: PolicyAuthorizer is left as-is, apart from some comments that document its shortcomings. UsecaseAuthorizer will now substitute "ac.visit" if no usecase parameter is set, hence it can handle page access control as well. default publication gets some additional usecase permissions: ac.visit is granted to roles edit, review, admin and visit (which basically mimics the current implicit behaviour, but now it's obvious). eventually, PolicyAuthorizer should be refactored (see bug http://issues.apache.org/bugzilla/show_bug.cgi?id=43049), but that is orthogonal to this issue... please review and comment. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
