On 23 Jun 2009, at 12:46, Tobias Bocanegra wrote:
hi,
according to jsr283 (see 16.2.3), the jcr:write is an aggregate
privilege:
• jcr:write: An aggregate privilege that contains:
o jcr:modifyProperties
o jcr:addChildNodes
o jcr:removeNode
o jcr:removeChildNodes
so, jcr:write should be sufficient. i can imagine, that the individual
privilege are expanded when applying the privilege on the node, but i
don't know for sure. how exactly do you set the privilege? using the
AccessControllManager ?
using the sling AccessControlUtils to get the ACL on the node, modify
the acl on the node, and the set it.
if you think this is a bug, please file a jackrabbit jira issue (if
possible with a test-case).
I will check against trunk to see that its not my installation.
Ian
thanks.
regards, toby
On Tue, Jun 23, 2009 at 1:04 PM, Ian Boston<i...@tfd.co.uk> wrote:
Hi,
If I set jcr:write granted on a node, I can upload content to that
node with
a multipart post but I cant overwrite the content.
to make that work I appear to need at least
curl
http://admin:ad...@localhost:8080/_user/private/d9/31/78/03/ian5.acl.json
{"ian5":{"granted":
["jcr:write
","jcr:removeChildNodes
","jcr:modifyProperties","jcr:addChildNodes","jcr:removeNode"]}}
to avoid getting an access denied on remove jcr:content.
This sounds a little odd, since write usually implies overwrite.
Was this intentional.. or a fact of jcr ?
Ian
