Andrey, Thank you for the suggestion. I tried using the locate-by-history report, but it's taking too long to resolve in a store with ~10,000 files. I'm going to have to find something more efficient or consider trying your approach of blocking direct access to the files.
Cheers, Andy -----Original Message----- From: Andrey Shulinsky [mailto:[EMAIL PROTECTED] Sent: Thursday, July 15, 2004 4:47 PM To: 'Slide Users Mailing List' Subject: RE: Determining original from history ( /history to /files ) Hi, Andy! According to the WebDAV standard, you could use the REPORT request to get the locate-by-history report returning all the VCRs that relate to your VHR (several VCRs could share one VHR). In your case, VHR - Version History Resource - is /history/3 and VCR - Version Controlled Resource - is /files/foo. org.apache.slide.webdav.method.report.LocateByHistoryReport might give you some clues though I haven't used it myself and therefore can't be more specific, sorry. We just don't give users the direct access to the history resources location and allow them to view versions by means of our application only so the principle "resource and its versions have the same access" could be easily implemented in our domain layer. Yours sincerely, Andrey. > -----Original Message----- > From: Slide Users Mailing List [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 15, 2004 5:53 PM > To: [EMAIL PROTECTED] > Subject: Determining original from history ( /history to /files ) > Importance: Low > > I'm implementing my own permissions mechanism based on a > custom implementation of the Security interface and using the > acl_semantics parameter to specify my own implementation. > The one last piece I would like to add is determining access > to /history URLs based on access to the original URLs. > > For example: > > /files/foo is versioned. > /history/3 is the location of the history of /files/foo. > > I only want to provide access to /history/3/ URLs if the user > has access to /files/foo. > > Given /history/3/, can I determine that it corresponds to the > history for /files/foo? > > Sorry if this is really easy and I just overlooked it. > > If it helps, I have access to the ObjectNode. I'm > implementing Security.hasPermission(ObjectNode, SubjectNode, > ActionNode). > > Thanks, Andy > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
