Hi Andrey,
Thanks for the response. As we speak I am doing some tests
using the Slide Command Line tool (it uses Webdav Client internally). I
added a new user (user1) and a new role (role1) using webdav client. I did
this using mkcol command on users and roles collection. After that I use
Webdav client (proppatchMethod()) to set the property "group-member-set" of
role "role1" to include "user1" as member of this role. This seemed to work
fine. Also, when I use propfindMethod() from webdav client to check the
property value of group-member-set, it shows user1 as a member of role1.
After that I use command line tool to login as root and assign "write"
permission on a new folder I created under /files to /roles/role1.
The command I use is:
grant write on /Slide/files/folder1 to /Slide/roles/role1
If I check acl propery for /Slide/files/folder1, I can see that write
permission is assigned to role1 for folder1.
Now, when I login back as user1, I cannot upload a file to the above folder,
I get 403 Forbidden error.
Can you validate that this works for you (I'll appreciate if you can grant
permissions using command line tool and validate that the permission works
properly). You can use acl command to find the permissions on any
folder/file.
thanks,
regards,
Krishna
-----Original Message-----
From: Andrey Shulinsky [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 04, 2004 12:56 PM
To: 'Slide Users Mailing List'
Subject: RE: User Authorization based on permissions set to role in
Slide2.1
Hi, Krishna!
Everything should work fine in the case you've described. Actually, I'm
testing permissions at the moment and it's one of my own test cases. I am
using the Security helper directly though, not the client.
Haven't you checked the descriptors of the "role1" and the file you're
granting access to ensure that "user1" is really in the "group-member-set"
property of the role and that the permission is set in the file descriptor?
Yours sincerely,
Andrey.
> -----Original Message-----
> From: Slide Users Mailing List [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, August 04, 2004 11:50 AM
> To: '[EMAIL PROTECTED]'
> Subject: User Authorization based on permissions set to role
> in Slide2.1
> Importance: Low
>
> Hi Folks,
> I am re-posting this mail since I haven't got any
> replies yet. I am hoping there is some developer there who
> might have tried to play around with permissions in
> Slide2.1M1. My problem is that when I assign some permissions
> to a role, those permissions are not propogated to the users
> in that role. If not for permissions what else is the purpose
> of having roles at all? I am sure it is not just for logical
> grouping of users. Any help is appreciated ......
>
> thanks in advance ....
>
> regards,
>
> Krishna
>
>
> > -----Original Message-----
> > From: Krishna Kankipati
> > Sent: Tuesday, August 03, 2004 5:47 PM
> > To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
> > Subject: User Authorization based on permissions set to role in
> > Slide2.1
> >
> > Michael,
> > I was searching the mail archive for some help on
> permissions and
> > came upon this discussion you were having with some developer which
> seemed
> > relevant to my question:
> >
> http://www.mail-archive.com/[EMAIL PROTECTED]/msg05056.htm
> > l
> >
> > Does slide permissions propogate based on role memberships.
> I mean, if
> > I create a role called "role1", and add a user called
> "user1" to it,
> > will
> > user1 get all the permissions that are assigned to role1.
> I've seen in
> > my tests that although I gave enough "write" permissions to
> "role1",
> > Slide does not allow "user1" to write unless I add the "write"
> > permission to "user1" itself. Am I missing something or is
> it a bug.
> > What is your opinion on this? I am using Slide 2.1M1 and
> command line
> > client to grant permissions to /Slide/files collection.
> >
> > thanks
> >
> > regards,
> > Krishna
> >
> >
> > Krishna Kankipati
> > Software Engineer
> > SSA Global
> > * 1626 Cole Blvd. Golden, CO 80401, USA
> > * 303-274-3027
> > Fax: 303-274-3137
> > * [EMAIL PROTECTED]
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
