I forgot to say that the stated tree is a user tree. If you have a particular object X, how can I set the following permissions for users A to D on object X?
| +-+ A /actions/view | | | +-+ B | | | | | +-+ C | | | | | | | +- D /actions/view If I deny the permission on X for user B, it is denied for C and D as well. I cannot grant permission on X for user D in this case. Is it intentional? Thank you Danny =:-) -----Ursprungliche Nachricht----- Von: Dirk Verbeeck [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 3. Oktober 2001 22:44 An: [EMAIL PROTECTED] Betreff: Re: Deny permissions This is something that is missing from the acl webdav spec, control over the inheritance of your permission. There is something in the advanced acl spec but it's in a very early stage. Slide itself has non-inhetited permissions, using the domain.xml you could do what you want, or write a webapp. For your problem, you could always A : grant B : deny C : (deny inherited) D : grant But I agree, some control over the inheritance would be easy. Dirk Daniel Ellermann wrote: > > Hello, > > if I have a tree like this and node A has the inheritable permission > /actions/view. > > | > +-+ A /actions/view > | | > | +-+ B /actions/view (inherited) > | | | > | | +-+ C /actions/view (inherited) > | | | | > | | | +- D /actions/view (inherited) > > Now I want to revoke this permission at B and C, but leave it at D. > > | > +-+ A /actions/view > | | > | +-+ B > | | | > | | +-+ C > | | | | > | | | +- D /actions/view > > At node B, I cannot revoke this permission, because it is inherited from A. > If I deny it, I will also deny the permissions for C and D respectively. I > don't want to revoke this permission at A, because new nodes inserted below > A wouldn't have this permission, which is not wishful. Is it intentional > that deny influences all nodes below? > > Thank you for your help. > > Danny =:-)
