Hi,
I'm facing a weird situation with this file and the way it manages security.
It seems that a user has to have read access to all the path along to a
parent directory to create an object inside it. ie:
if I want to create a directory in /files/test1/test2, the user who wants to
create the directory must have read access to /files/ and /files/test1.
Which I think shouldn't be the case. I've patched StructureImpl.java to
forget this exception if the system is checking for anything else than the
parent directory where we want to create content.
I've just added that
} catch (AccessDeniedException e1) {
System.out.println("---> Access denied exception on " +
courUri.toString());
if (!uriTokenizer.hasMoreElements()) {
throw e1;
}
}
before
} catch (ObjectNotFoundException e) {
Any comments are more than welcome
L.
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
