Ingo,
When you say "server implementation", do you mean customizing the
slide server code for a particular behavior? I am using vanilla slide server
implementation with no customization at all.
Do you think it is possible to customize the slide server to allow
inheritable permissions?
Krishna
-----Original Message-----
From: Ingo Brunberg [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 27, 2004 2:39 AM
To: Slide Users Mailing List
Subject: Re: Adding a non-inheritable permission to a folder using webdav
clie nt lib not working
The ACL spec states that you cannot modify an inherited or protected
ACE.
What about adding a new ACE? I'm not sure. If you add an ACE to a
collection, isn't it automatically inheritable? Might that depend on a
particular server implementation? I guess no implementation would
allow you to add a protected ACE. And maybe the ACL spec should be
changed to allow marking a new ACE as inheritable.
Reagrds,
Ingo
> Ingo,
> Why is Ace class exposing its isInherited member variable if cannot
> be set explicitly. It also has a mutator method called setIsInherited().
If
> value set to false, it works. If set to true it just doesn't do anything
> (does not throw error too). Seems like a bug.
>
> Also, using domain.xml you can create non-inheritable permissions. I have
> tried that and it works. All I am asking is if I can achieve the same
using
> webdav client lib.
>
> Thanks,
>
> Krishna
>
>
> -----Original Message-----
> From: Ingo Brunberg [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, October 26, 2004 1:22 AM
> To: Slide Users Mailing List
> Subject: Re: Adding a non-inheritable permission to a folder using webdav
> clie nt lib not working
>
> You can't set a permission that is inherited. Inherited means the ACE
> is really inherited (believe me) from a parent resource.
>
> In fact you should filter the ACEs with the inherited flag set before
> calling the aclMethod(). Luckily the client library does this for you.
>
> Ingo
>
> > Hi,
> > I have been trying for quiet some time to add a permission to a
> > folder using webdav client-lib that does not inherit to the downstream
> > folders. I have taken the code from client-lib that is shipped with
slide
> > and am using slide 2.1 B1. In my code I use the following fragment to
> create
> > an ACE object and bind it to ACL.
> >
> > The code works perfectly if 4th parameter (isInherited) is set to false
> >
> > // Create new ACE object bIsInherited = false
> > aceNew = new Ace(sPrincipal, bDenyPrivilege, false, bIsInherited, null);
> >
> >
> > The code does not work if 4th parameter (isInherited) is set to true. I
am
> > assuming that you set the 4th parameter to true if you are trying to
make
> > the permission non-inheritable (not allow it to percolate to the
> downstream
> > folders).
> >
> > With 4th parameter set to true, webdav client does not throw any error
but
> > does not add the permission. Later when I get the ACL for the resource I
> > find that the ace has not been added.
> >
> > Please let me know if I am missing something ... or if it is possible at
> all
> > to create a permission(ace) in a ACL which does not percolate to
> downstream
> > folders using webdav client lib.
> >
> > I found that adding a inheritable(false) permission in domain.xml does
the
> > job as desired. I am wondering why it is not working from webdav client
> lib.
> >
> > Any help is appreciated !!!!!!
> >
> > /******************* code fragment *****************************/
> >
> > // Fetch ACL from slide for a folder
> > AclProperty acl = webDavResource.aclfindMethod(sResourcePath);
> >
> > // Fetch the ACE's (access control entities) of the existing ACL
> > Ace[] aces = acl.getAces();
> >
> > // Create new ACE object none exists
> > if (aces == null)
> > aces = new Ace[0];
> >
> > Ace[] oldAces = aces;
> > // Create a new ace array (larger then the earlier ace array by 1)
> > aces = new Ace[oldAces.length + 1];
> >
> > // Copy the old array into the new array
> > System.arraycopy(oldAces,0,aces,0,oldAces.length);
> >
> > // Create new ACE object bIsInherited = true
> > aceNew = new Ace(sPrincipal, bDenyPrivilege, false, bIsInherited, null);
> >
> > // Copy the new ace into the new ace array
> > aces[oldAces.length] = aceMatchingPrincipal;
> >
> > // Create a new privilege
> > Privilege privilegeNew = new Privilege(qnPermission.getNamespaceURI(),
> > qnPermission.getLocalName(), null);
> >
> > // Update the ace object with the new privilege settings
> >
> > aceNew.addPrivilege(privilegeNew);
> >
> > // Update repository with new acl for the resource
> > bSuccess = webDavResource.aclMethod(sResourcePath, aces);
> >
> >
> >
> > Krishna
> > (303) 274 3027
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
