Hi, a question/idea : there is an <authenticated-user> tag ? Such a tag could be useful for separate "visitor" and "allowed" user.
Have a good day On Thu, 10 Sep 2009 11:21:51 -0400, Oleg Barmin <oleg.bar...@bridge-quest.com> wrote: >> Maybe It's a big false idea, but with using the <world> tag like this : >> <world> >> <role id="session" method="grant"/> >> </world> >> ??? > This will grant session role to all users. Even if they are not authorized. > ________________________________________ > From: Oleg Barmin [oleg.bar...@bridge-quest.com] > Sent: Thursday, September 10, 2009 6:46 AM > To: user@lenya.apache.org > Subject: RE: usecase and live view > >> If it's that, I think It's a great thing for Lenya ! Do you think you >> will > share this ? > > I need to ask my bosses about this. I am not sure that they will be happy > about this idea :( > ________________________________________ > From: Florent André [florent.andre-...@4sengines.com] > Sent: Thursday, September 10, 2009 6:20 AM > To: user@lenya.apache.org > Subject: RE: usecase and live view > > Hi Oleg, > > On Wed, 9 Sep 2009 14:26:47 -0400, Oleg Barmin > <oleg.bar...@bridge-quest.com> wrote: >> I have found the reason of such behavior. Lenya security policy is based > on >> the subtree-policy.acml files. Root policy file for the live area > contains >> only following: >> >> <world> >> <role id="visit" method="grant"/> >> </world> >> >> So only the "visit" role is granted even for the authorized users. But >> usecase requires session role. >> I have changed config file content: >> >> <world> >> <role id="visit" method="grant"/> >> </world> >> >> <group id="editor"> >> <role id="session" method="grant" /> >> </group> >> <group id="reviewer"> >> <role id="session" method="grant" /> >> </group> >> <group id="admin"> >> <role id="session" method="grant" /> >> </group> >> <group id="sitemanager"> >> <role id="session" method="grant" /> >> </group> >> >> Now the session role is granted to the members of configured groups. But > I >> want to grant session role for all authorized users from any groups. How > to >> do it? > > Maybe It's a big false idea, but with using the <world> tag like this : > <world> > <role id="session" method="grant"/> > </world> > ??? > > Apart from that, does your module offer the possibility to comment articles > from the live area ? > > If it's that, I think It's a great thing for Lenya ! Do you think you will > share this ? > > Have a good ]coding[ day > >> >> ________________________________________ >> From: Oleg Barmin >> Sent: Saturday, September 05, 2009 6:17 AM >> To: user@lenya.apache.org >> Subject: usecase and live view >> >> Hi, >> >> I've added a new usecase to store comments to publications. It works with >> "authoring view" but when I try to use it in a "live view" I get "Access >> Denied" page. >> >> Permissions for this use case are following >> > (\build\lenya\webapp\lenya\pubs\ksapoc\config\access-control\usecase-policies.xml): >> >> <ac:usecase id="mboard.addComment"> >> <ac:role id="session" /> >> </ac:usecase> >> >> Why I get "Access Denied" error for the authorized users? >> >> Best regards, >> Oleg Barmin. >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: user-unsubscr...@lenya.apache.org >> For additional commands, e-mail: user-h...@lenya.apache.org > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@lenya.apache.org > For additional commands, e-mail: user-h...@lenya.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@lenya.apache.org > For additional commands, e-mail: user-h...@lenya.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@lenya.apache.org > For additional commands, e-mail: user-h...@lenya.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@lenya.apache.org For additional commands, e-mail: user-h...@lenya.apache.org
