> If it's that, I think It's a great thing for Lenya ! Do you think you will share this ?
I need to ask my bosses about this. I am not sure that they will be happy about this idea :( ________________________________________ From: Florent André [florent.andre-...@4sengines.com] Sent: Thursday, September 10, 2009 6:20 AM To: user@lenya.apache.org Subject: RE: usecase and live view Hi Oleg, On Wed, 9 Sep 2009 14:26:47 -0400, Oleg Barmin <oleg.bar...@bridge-quest.com> wrote: > I have found the reason of such behavior. Lenya security policy is based on > the subtree-policy.acml files. Root policy file for the live area contains > only following: > > <world> > <role id="visit" method="grant"/> > </world> > > So only the "visit" role is granted even for the authorized users. But > usecase requires session role. > I have changed config file content: > > <world> > <role id="visit" method="grant"/> > </world> > > <group id="editor"> > <role id="session" method="grant" /> > </group> > <group id="reviewer"> > <role id="session" method="grant" /> > </group> > <group id="admin"> > <role id="session" method="grant" /> > </group> > <group id="sitemanager"> > <role id="session" method="grant" /> > </group> > > Now the session role is granted to the members of configured groups. But I > want to grant session role for all authorized users from any groups. How to > do it? Maybe It's a big false idea, but with using the <world> tag like this : <world> <role id="session" method="grant"/> </world> ??? Apart from that, does your module offer the possibility to comment articles from the live area ? If it's that, I think It's a great thing for Lenya ! Do you think you will share this ? Have a good ]coding[ day > > ________________________________________ > From: Oleg Barmin > Sent: Saturday, September 05, 2009 6:17 AM > To: user@lenya.apache.org > Subject: usecase and live view > > Hi, > > I've added a new usecase to store comments to publications. It works with > "authoring view" but when I try to use it in a "live view" I get "Access > Denied" page. > > Permissions for this use case are following > (\build\lenya\webapp\lenya\pubs\ksapoc\config\access-control\usecase-policies.xml): > > <ac:usecase id="mboard.addComment"> > <ac:role id="session" /> > </ac:usecase> > > Why I get "Access Denied" error for the authorized users? > > Best regards, > Oleg Barmin. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@lenya.apache.org > For additional commands, e-mail: user-h...@lenya.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@lenya.apache.org For additional commands, e-mail: user-h...@lenya.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@lenya.apache.org For additional commands, e-mail: user-h...@lenya.apache.org
