You are viewing a plain text version of this content. The canonical link for it is here.

Posted to slide-dev@jakarta.apache.org by Christopher Lenz <cm...@gmx.de> on 2001/07/11 03:45:47 UTC

roles confusion

howdy-

can someone explain what the following piece of code is about, it's 
used for example in StructureImpl.create(...) and StructureImpl.store
(...)

...

// Checking role
if (!securityHelper.hasRole(token, object.getClass().getName())) {
  // Allow the namespace admin to create roles he doesn't have
  Uri rootUri = namespace.getUri(token, "/");
  ObjectNode rootObject = rootUri.getStore().retrieveObject(rootUri);
  securityHelper.checkCredentials
    (token, rootObject,
     namespaceConfig.getGrantPermissionAction());
}

...        

now, if a user in my namespace wants to create a LinkNode, this fails 
due to the code above... I don't quite understand why the subject 
needs to have the role of the object it wants to create...

any help appreciated
-chris
________________________________________________________________
cmlenz@gmx.de