hi dirk,
I saw that you changed the parsePrivilege method of the AclMethod
to only look for all,read,read-acl,write,write-acl and ignore the rest of
the privileges but the parseRequest method
of the AclMethod still has case statements for PRIVILEGE_READ_OBJECT and
PRIVILEGE_READ_LOCKS etc which are redundant
and can be removed . Though the specs does not say anyting about the
status code for a request containing a unsupported privilege i would think
that BAD_REQUEST is the right reponse code
thanks,
rajkumar
-----Original Message-----
From: Dirk Verbeeck [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 10, 2001 2:55 PM
To: [EMAIL PROTECTED]
Subject: Re: Inconsistencies in Webdav Access Control
Raj Kumar wrote:
>
> hi dirk,
> They still seem to some inconsistencies in the implementation of the
> Webdav Access Control Extensions.
>
> -The privilege DAV:all is still defined as abstract but the AclMethod is
> allowing the DAV:all privilege to be
> granted/denied.
>
> -The AclMethod is still allowing granting of privileges
> PRIVILEGE_READ_REVISION_METADATA,
> PRIVILEGE_READ_REVISION_CONTENT which are not present in the privileges
> set returned by supported-privileges(Only
> all,read,write,read-acl,write-acl are present).
>
> - The aclmethod and the propfind methods still differ regarding their
> interpretation of the write privilege.
> The aclmethod for write privilege does not seem to be granting/denying
> removeRevisionContent privilege in slide.
>
> thanks,
> rajkumar
I have just committed the changes needed to findmethod and aclmethod.
Those inconsistencies should be fixed.
Can you verify it?
I'm not sure what response code to send when rejecting a unsupported
principal, the current code sends BAD_REQUEST but I didn't see anything
in the spec at first sight.
Thanks,
Dirk
