You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jackrabbit.apache.org by "Tobias Bocanegra (JIRA)" <ji...@apache.org> on 2014/06/23 19:47:24 UTC

[jira] [Commented] (JCR-3778) getMemberIDs() method for Group

    [ https://issues.apache.org/jira/browse/JCR-3778?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14041035#comment-14041035 ] 

Tobias Bocanegra commented on JCR-3778:
---------------------------------------

what about the other methods:
* Group.getDeclaredMemeberIDs()
* Group.isMember(String id) 
* Group.removeMember(String id)
* Group.addMember(String id)
(note that the manipulation methods could be abused to test the existence of an authorizable)

what about Authorizable.isGroup() ? from the ID we cannot deduct if the authorizable is a group or user.

Maybe it would be better to always return an Authorizable for the "member" related methods, even if the user session does not have read access to the authorizable. all methods except Authorizable.getId() and Authorizable.isGroup() would throw an AccessDenied exception.

In general I think this semantic is very implementation dependent. i.e. comes from the fact, that group membership is stored in the group and not in the authorizable. wouldn't it be better to add new policies? i.e. rep:readMemberIDs, rep:writeMemberIDs ?

> getMemberIDs() method for Group
> -------------------------------
>
>                 Key: JCR-3778
>                 URL: https://issues.apache.org/jira/browse/JCR-3778
>             Project: Jackrabbit Content Repository
>          Issue Type: Wish
>          Components: jackrabbit-api
>    Affects Versions: 2.7.5
>            Reporter: Lars Krapf
>            Assignee: angela
>            Priority: Minor
>
> Provide a method to get a list of all memberIDs (strings) from a group, given that a user has read access to that group.



--
This message was sent by Atlassian JIRA
(v6.2#6252)