[
https://issues.apache.org/jira/browse/CONNECTORS-1401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Karl Wright resolved CONNECTORS-1401.
-------------------------------------
Resolution: Fixed
r1790654
> Documentum Authority does not properly exclude ACLs that include negative
> groups or users
> -----------------------------------------------------------------------------------------
>
> Key: CONNECTORS-1401
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1401
> Project: ManifoldCF
> Issue Type: Bug
> Components: Documentum connector
> Affects Versions: ManifoldCF 2.5
> Reporter: Karl Wright
> Assignee: Karl Wright
> Fix For: ManifoldCF 2.7
>
> Attachments: CONNECTORS-1401.patch
>
>
> The Documentum Authority currently returns a list of ACL names, which it gets
> using the following DQL query:
> {code}
> SELECT DISTINCT A.owner_name, A.object_name FROM dm_acl A WHERE
> A.object_name NOT LIKE 'dm_%' AND (
> (any (A.r_accessor_name IN ('" + strAccessToken + "', 'dm_world')
> AND r_accessor_permit>2)
> OR (any (A.r_accessor_name='dm_owner' AND A.r_accessor_permit>2)
> AND A.owner_name=" + quoteDQLString(strAccessToken) + ")
> OR (ANY (A.r_accessor_name in (SELECT G.group_name FROM dm_group
> G WHERE ANY G.i_all_users_names = " + quoteDQLString(strAccessToken) + ")
> AND r_accessor_permit>2)) )
> {code}
> The query should be modified to block all ACLs that have r_accessor_permit <=
> 2, since those are "denied" access.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
