Hi, The delete action is by default bound to a bean that check removeChildren first. If you policy is to accept delete when user is owner the you also need to override the action filter to bind it to a bean that will only check the perm on the target document. >From the securitypolicy, you have no clean ways to access the selected document in the seam context.
Tiry On 23 Feb 2010 16:01, "Bruce Grant" <[email protected]> wrote: Hi Tiry, My challenge is that the 'Delete' button is not enabled in the view because the user does not have the RemoveChildren right in the folder and my policy will not override that right because the author of the folder is not the author of the document to be deleted. If on the call made to check the RemoveChildren I could get access to the selected document then I could check to see if the current user is the author of the selected document and give the user RemoveChildren right (and then presumably I would see the Delete button ;-)) Cheers, Bruce. -------------------- metaLogic ph. +1.905.629.7775 x225 fax +1.905.629.9887 http://metaLogic.ca <http://metalogic.ca/> From: Thierry Delprat <[email protected]> To: Bruce Grant <[email protected]> Cc: [email protected] Date: 02/23/2010 08:57 AM Subject: Re: [Ecm] AbstractSecurityPolicy ------------------------------ Hi Bruce, The Core will do a double check : - check for the Remove Permission on the documen...
_______________________________________________ ECM mailing list [email protected] http://lists.nuxeo.com/mailman/listinfo/ecm To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm
