You are viewing a plain text version of this content. The canonical link for it is here.

Posted to slide-dev@jakarta.apache.org by di...@the-ecorp.com on 2001/03/30 16:14:33 UTC

Behaviour of JDBCDescriptorsStore.revokePermission

Hi all,

We have just found some strange behaviour in slide security.
It seems that revokePermission doesn't delete non-inheritable permissions.
Is this a bug or a feature ?

The code:

JDBCDescriptorsStore.revokePermission has a where clause that only delete
permissions with the same inheritable status as its permission parameter.
if (permission.isInheritable()) { inheritable = 1; } 
String s = "delete from permissions where object='" +
permission.getObjectUri() + "' and subject='" + permission.getSubjectUri() +
"' and action='" + permission.getActionUri() + "' and inheritable=" +
inheritable; 

SecurityImpl.revokePermission calls JDBCDescriptorsStore.revokePermission
with a newly created permission.
NodePermission permission = new NodePermission(object, subject, action); 
objectUri.getStore().revokePermission(objectUri, permission); 

A nodepermission defaults to inheritable = true.
public NodePermission(String objectUri, String subjectUri, String actionUri)
inheritable = true;

I think that the "and inheritable=" clause can be removed.

Cheers,
Dirk