Lionel Touati wrote:
>Hi,
>
>I'm facing a weird situation with this file and the way it manages security.
>
>It seems that a user has to have read access to all the path along to a
>parent directory to create an object inside it. ie:
>
It's not a bug, but a feature !
Effectivelly, if you want to be able to read a node, you have to access
it first. Execute right doesn't exist like for
UNIX filesystems so it is replaced by read rigth. Quite logic, no ?
>if I want to create a directory in /files/test1/test2, the user who wants to
>create the directory must have read access to /files/ and /files/test1.
>Which I think shouldn't be the case. I've patched StructureImpl.java to
>forget this exception if the system is checking for anything else than the
>parent directory where we want to create content.
>
>I've just added that
>
>} catch (AccessDeniedException e1) {
> System.out.println("---> Access denied exception on " +
>courUri.toString());
> if (!uriTokenizer.hasMoreElements()) {
> throw e1;
> }
>}
>
>before
>} catch (ObjectNotFoundException e) {
>
>
>Any comments are more than welcome
>
>
>L.
>
>
>--
>To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
>For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
>
>
>
>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
