On Wed, Mar 15, 2006 at 11:04:50AM +0100, Stefan Guggisberg wrote: > On 3/14/06, Eugeny N Dzhurinsky <[EMAIL PROTECTED]> wrote: > > Hello! > > > > We need to provide access manager with mode access rights than > > READ/WRITE/DELETE. > > > > But I found there are a lot of placed where constants defined in access > > meneger used (ItemManager,ItemImpl etc). Should I also provide custom > > implementation for all these modules or there is some simplier way? > i don't know what constants you're talking of but you certainly don't need > to extend ItemImpl etc..
I need completely different set of constants: read properties,write properties, browse children,add child,delete child > take a look at the o.a.j.c.security.AccessManager interface. all you have > to do is to provide an implementation of this interface that handles your > custom authorization. check out SimpleAccessManager (a mock > access manager); there are todo comments in the source code that should > hint you to those areas where you might want to insert your code. I thought it is simple as you described, but in many places like: SessionImpl.java BatchedItemOperations.java ItemManager.java EventConsumer.java QueryImpl.java there is direct reference to AccessManager.READ/WRITE/REMOVE access constants. So I guess I need to override somehow behavior of those classes. The worst thing I found is there is no way to specify ItemManager etc in configuration, so I seem to need to implement repository to return session object, and session - to return correct NodeImpl, which will refer to correct ItemManager and ItemImpl. -- Eugene N Dzhurinsky
