You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-user@jakarta.apache.org by "K.C. Baltz" <kc...@lollimail.com> on 2004/01/13 05:47:53 UTC
Does this fit the security model supported?
I want to do something like the following and I'm running into trouble.
/files
/groups
/A
/B
/C
If that looks the way I typed it, it indicates that the following paths
exist, /files/groups/A/B and /files/groups/A/C . What I want
security-wise is for users in group A to have permissions for the A, B,
and C folders and users in groups B and C to only have permissions to
those folders, respectively.
I'm running into trouble when I try to use WebDAV to PUT a file in B,
when I'm logged in as a user in group B. It's telling me I don't have
permission, even though I can see I do in the database and in the HTML
view of the Slide repository. I looked into the code and it looks like
the problem is with StructureImpl.retrieve(). The first thing it tries
to do is retrieve the file I'm uploading, which in my case doesn't exist
yet. Then it falls back to searching from the top of the path to the
bottom. At this point, it runs into trouble because I don't have
permission for the "groups" or A folders. However, rather than return
an ObjectNotFoundException, as it probably should, it throws an Access
denied exception.
Is this right? Am I trying to make Slide do something it's not designed
for? Is there a better way to map a hierarchy of rights like this?
K.C.
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org