On Thu, Mar 16, 2006 at 12:20:10AM +1000, Torgeir Veimo wrote: > On Wed, 2006-03-15 at 16:12 +0200, Eugeny N Dzhurinsky wrote: > > > > Okay, that could be good. But what if we will need to extend this list > > of > > privileges? Is there some workaround, if we will need, for example > I'd assume your needs would be met if the AccessManager impl had access > to more information about the node being accessed than it's path and > type (node vs property)?
Well, I don't think so. AccessManager itself seems to me my requirement. But other core modules are hardly tied with it. All what I need - to allow my custom implementation to ask for correct permissions - I don't think it is a good idea to identify ability to get children of a node and read contents (properties) of a node with same READ property. I don't see another way rather to implement my own repository object, perhaps just override it's login method to return my own implementation of a session, which itself checks various permissions of a nodes and properties when accessed by a customer. Am I on a correct way? -- Eugene N Dzhurinsky
