On 30 Jun 2009, at 11:43, Sean Radford wrote:
If I set the following access rights on 'default server':
* members (grant read)
As expected, for 'default domain' I have the following inherited
rights:
* members (grant read)
I then set the following local rights on 'default domain':
* members (deny read)
On Workspaces I then have the following inherited rights:
* members (grant read) (deny read)
Now (as expected) the policy on Workspaces works correctly in that
the local rights on 'default domain' (members deny read) take
precedence over the 'default server' (members grant read).
But would the UI be better to only display (members deny read) to
make it clearer to end-users?
Yes probably... But this UI is quite complex to design actually, it
has to be clear enough while at the same time presenting enough
information. If you have a patch for that please create a JIRA ticket,
and we'll look at integrating it.
Florent
--
Florent Guillaume, Head of R&D, Nuxeo
Open Source, Java EE based, Enterprise Content Management (ECM)
http://www.nuxeo.com http://www.nuxeo.org +33 1 40 33 79 87
_______________________________________________
ECM mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm
To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm
