You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-dev@jakarta.apache.org by Christopher Lenz <cm...@gmx.de> on 2001/07/11 03:45:47 UTC
roles confusion
howdy-
can someone explain what the following piece of code is about, it's
used for example in StructureImpl.create(...) and StructureImpl.store
(...)
...
// Checking role
if (!securityHelper.hasRole(token, object.getClass().getName())) {
// Allow the namespace admin to create roles he doesn't have
Uri rootUri = namespace.getUri(token, "/");
ObjectNode rootObject = rootUri.getStore().retrieveObject(rootUri);
securityHelper.checkCredentials
(token, rootObject,
namespaceConfig.getGrantPermissionAction());
}
...
now, if a user in my namespace wants to create a LinkNode, this fails
due to the code above... I don't quite understand why the subject
needs to have the role of the object it wants to create...
any help appreciated
-chris
________________________________________________________________
cmlenz@gmx.de