Posted to slide-user@jakarta.apache.org by Sung-Gu <jericho at apache.org> on 2002/04/25 00:16:47 UTC

Re: permission

Hmm...  Yes, it sounds like a bug... ;)

----- Original Message ----- 
From: <ja...@amos.mailshell.com>
To: <sl...@jakarta.apache.org>
Sent: Wednesday, April 24, 2002 11:36 PM
Subject: RE: permission


> Looks like a bug to me - should probably cut to the next "/" and use
> equals(), or append a "/" before using startsWith().
> 
> > -----Original Message-----
> > From: Piter Siman
> > [mailto:piter.siman.at.stepstone.de@jakarta_slide_user.at.amos.mailshell.com]
> > Sent: Wednesday, April 24, 2002 4:35 PM
> > To: amos.shapira@webcollage.com
> > Subject: permission
> >
> >
> > Hi !
> >
> > I have a question about permission in slide,
> >
> > here is my use case:
> > I have two users, example: /users/test and /users/test1
> > one directory file, example: /files/filedirectory.
> >
> > in /files/filedirectory I created two directories:
> > /files/fileDirectory/test for /users/test and
> > /files/fileDirectory/test1 for /users/test1
> >
> > the permissions are
> > /actions/read (not inheritable) for /users/test and /users/test1 in
> > /files/fileDirectory
> >
> > /actions (inheritable) for /users/test in /files/fileDirectory/test
> > /actions (inheritable) for /users/test1 in /files/fileDirectory/test1
> >
> > My question is, why can /users/test1 perform /actions in
> > /files/fileDirectory/test?
> >
> > as I see in SecurityImpl.java:
> >
> > granted = (!permission.isNegative())
> >     && (subjectUri.toString().startsWith(permission.getSubjectUri()))
> >     && (actionUri.toString().startsWith(permission.getActionUri()));
> >
> > denied = (permission.isNegative())
> >     && (subjectUri.toString().startsWith(permission.getSubjectUri()))
> >     && (actionUri.toString().startsWith(permission.getActionUri()));
> >
> > subjectUri is /users/test1
> > permission.getSubjectUri() is /users/test. Because it used startsWith,
> > /users/test1 can access /actions from /users/test.
> >
> > Why does it use startsWith?
> >
> > thanks.
> >
> > piter
> >
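The boundary-aware comparison suggested in the reply above, next to the startsWith test from the quoted snippet, as an added example (not code from Slide or from anyone in this thread). The class and method names are hypothetical, the request list is constructed, and it assumes a permission on a URI is meant to cover that node and its descendants.

```java
public class UriScopeCheck {

    // Prefix test as in the quoted SecurityImpl.java snippet: plain startsWith.
    static boolean prefixMatch(String requested, String granted) {
        return requested.startsWith(granted);
    }

    // Boundary-aware test (hypothetical helper): exact match, or the granted
    // URI followed by "/", so "/users/test" never covers "/users/test1".
    static boolean scopeMatch(String requested, String granted) {
        String r = normalize(requested);
        String g = normalize(granted);
        if (g.isEmpty()) {
            return false; // an empty grant must not match every URI
        }
        return r.equals(g) || r.startsWith(g.equals("/") ? g : g + "/");
    }

    // Drop trailing slashes so "/users/test/" and "/users/test" compare equal.
    static String normalize(String uri) {
        int end = uri.length();
        while (end > 1 && uri.charAt(end - 1) == '/') {
            end--;
        }
        return uri.substring(0, end);
    }

    public static void main(String[] args) {
        // Permission from the thread: /actions for /users/test.
        String grantedSubject = "/users/test";
        String grantedAction = "/actions";
        // Constructed requests: {subjectUri, actionUri}.
        String[][] requests = {
            {"/users/test", "/actions/read"},
            {"/users/test1", "/actions/read"},
            {"/users/test/", "/actions"},
            {"/users/test", "/actions2/read"},
        };
        for (String[] req : requests) {
            boolean before = prefixMatch(req[0], grantedSubject)
                    && prefixMatch(req[1], grantedAction);
            boolean after = scopeMatch(req[0], grantedSubject)
                    && scopeMatch(req[1], grantedAction);
            System.out.printf("%-14s %-15s startsWith=%-5b boundary=%b%n",
                    req[0], req[1], before, after);
        }
    }
}
```

The same comparison applies to the negative (denied) branch, since a prefix match there would also apply a deny on /users/test to /users/test1.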