Yes, it works ! i didnot change the nest_roles_maxdepth... Great.
Here some logs of my program ( the group publisher is in fact books-reader ): ** Membres du role : journalists <href xmlns="DAV:">/users/toto</href> ** Membres du role : books-reader <D:href xmlns:D="DAV:">/roles/journalists</D:href> ** Permissions sur le chemin : /files/workspaces/books ACL for /files/workspaces/books: ------------------------------------------------------------ granted to /roles/books-reader (not protected) (not inherited) DAV:read granted to /roles/books-writer (not protected) (not inherited) DAV:read granted to /roles/books-writer (not protected) (not inherited) DAV:write granted to /roles/root (not protected) (not inherited) DAV:all denied to /roles/user (not protected) (not inherited) DAV:all granted to roles/root (not protected) (inherited from '/files/workspaces') DAV:all granted to roles/user (not protected) (inherited from '/files/workspaces') DAV:read denied to roles/user (not protected) (inherited from '/files/workspaces') DAV:all granted to unauthenticated (not protected) (inherited from '/files') DAV:all granted to /roles/root (not protected) (inherited from '/files') DAV:write granted to /roles/user (not protected) (inherited from '/files') DAV:read granted to property (not protected) (inherited from '/files') DAV:read-acl granted to /roles/root (not protected) (inherited from '/') DAV:all denied to all (not protected) (inherited from '/') DAV:read-acl DAV:write-acl DAV:unlock granted to all (not protected) (inherited from '/') DAV:read ------------------------------------------------------------ ** The user toto is able to read the folder content "books". Thanks a lot. -----Message d'origine----- De : Jacob Lund [mailto:[EMAIL PROTECTED] Envoyé : jeudi 19 janvier 2006 09:20 À : Slide Users Mailing List Objet : Re: Permission question Hmm - did you add the jurnalist role to the publisher role using DAV:group-member-set? It should work. There is a setting in the domain.xml: <parameter name="nested_roles_maxdepth">2</parameter> I think the default value here is 0 so you would have to change that. /jacob ----- Original Message ----- From: "Laurent Michenaud" <[EMAIL PROTECTED]> To: "Slide Users Mailing List" <[email protected]> Sent: Wednesday, January 18, 2006 6:45 PM Subject: Permission question Hi, Here the following example : I've got a user : Toto. I've got a role : Journalist Toto has the Journalist role. I've got a role Publisher I've got a folder "books" The Publisher role has the acls to read/write in the books folder. Then, I add the role Journalist to the role Publisher. So, Toto should be able to read/write in the books folder. But it doesnot work. Is Slide able to do that ( intransitive permissions )? Thanks --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
