You are viewing a plain text version of this content. The canonical link for it is here.

Posted to slide-user@jakarta.apache.org by Bertrand Tignon <be...@capgemini.com> on 2005/05/17 11:49:27 UTC

ACL permissions

Hello !

I'm trying to understand how permissions work with Slide using its API and I have a few questions about it.

1) In the Privilege class there are 5 statics fields : ALL, READ, WRITE, READ_ACL, WRITE_ACL but I don't understand the difference between WRITE and WRITE_ACL, READ and READ_ACL.

2) A privilege can only be one of these 5 fields or can we build other privileges ?

And another newbie question, is there a wicki about creating slide users and slide roles with the Slide API ?

Thanx a lot for your help.

This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient,  you are not authorized to read, print, retain, copy, disseminate,  distribute, or use this message or any part thereof. If you receive this  message in error, please notify the sender immediately and delete all  copies of this message.

Re: ACL permissions

Posted by Denis Zvonov <zv...@mobilae.ru>.

Hi!

Bertrand Tignon wrote:

>Hello !
>
>I'm trying to understand how permissions work with Slide using its API and I have a few questions about it.
>
>1) In the Privilege class there are 5 statics fields : ALL, READ, WRITE, READ_ACL, WRITE_ACL but I don't understand the difference between WRITE and WRITE_ACL, READ and READ_ACL.
>  
>
see specs http://www.webdav.org/specs/rfc3744.html

>2) A privilege can only be one of these 5 fields or can we build other privileges ?
>  
>
There are other privileges like "bind", "unbind" and so on see specs 
above and Domain.xml where all privileges are defined inside
<objectnode classname="org.apache.slide.structure.ActionNode" 
uri="/actions">  element.
You can also declare custom privileges under this node. They could be 
mapped to Slide actions in Domain.xml. Here is the example how we do:

    <namespace name="slide">
.........................................................
       <configuration>

            <!-- Actions mapping -->
            <read-object>/actions/read</read-object>
            <create-object>/actions/sp-create-object</create-object>
            <remove-object>/actions/sp-delete-object</remove-object>
            <grant-permission>/actions/write-acl</grant-permission>
            <revoke-permission>/actions/write-acl</revoke-permission>
            <read-permissions>/actions/read-acl</read-permissions>
            
<read-own-permissions>/actions/read-current-user-privilege-set</read-own-permissions>
            <lock-object>/actions/sp-modify</lock-object>
            <kill-lock>/actions/unlock</kill-lock>
            <read-locks>/actions/read</read-locks>
            <read-revision-metadata>/actions/read</read-revision-metadata>
            
<create-revision-metadata>/actions/sp-create-properties</create-revision-metadata>
            
<modify-revision-metadata>/actions/write-properties</modify-revision-metadata>
            
<remove-revision-metadata>/actions/write-properties</remove-revision-metadata>
            <read-revision-content>/actions/read</read-revision-content>
            
<create-revision-content>/actions/sp-create-content</create-revision-content>
            
<modify-revision-content>/actions/write-content</modify-revision-content>
            
<remove-revision-content>/actions/write-content</remove-revision-content>
            <bind-member>/actions/bind</bind-member>
            <unbind-member>/actions/unbind</unbind-member>
........
<configuration>

All the privileges, that starts with "sp-" is our custom privileges.
WARNING! Adding you custom privileges should not break standard 
behavior, specified in http://www.webdav.org/specs/rfc3744.html. To meet 
this requirement some other changes in Domain.xml was made. For example:
................
                    <objectnode 
classname="org.apache.slide.structure.ActionNode" uri="/actions/write">
                        <revision>
                            <property 
name="privilege-member-set"><![CDATA[<D:href 
xmlns:D='DAV:'>/actions/sp-modify</D:href> <D:href 
xmlns:D='DAV:'>/actions/sp-delete</D:href><D:href 
xmlns:D='DAV:'>/actions/sp-create</D:href>]]></property>
                        </revision>
                    </objectnode>
...............

>And another newbie question, is there a wicki about creating slide users and slide roles with the Slide API ?
>
>  
>
>Thanx a lot for your help.
>  
>

---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org