Does this fit the security model supported?

["K.C. Baltz" <kc...@lollimail.com>]

I want to do something like the following and I'm running into trouble.

/files
    /groups
       /A
          /B
          /C

If that looks the way I typed it, it indicates that the following paths 
exist,  /files/groups/A/B and /files/groups/A/C .  What I want 
security-wise is for users in group A to have permissions for the A, B, 
and C folders and users in groups B and C to only have permissions to 
those folders, respectively. 

I'm running into trouble when I try to use WebDAV to PUT a file in B, 
when I'm logged in as a user in group B.  It's telling me I don't have 
permission, even though I can see I do in the database and in the HTML 
view of the Slide repository.  I looked into the code and it looks like 
the problem is with  StructureImpl.retrieve().  The first thing it tries 
to do is retrieve the file I'm uploading, which in my case doesn't exist 
yet.  Then it falls back to searching from the top of the path to the 
bottom.  At this point, it runs into trouble because I don't have 
permission for the "groups" or A folders.  However, rather than return 
an ObjectNotFoundException, as it probably should, it throws an Access 
denied exception. 

Is this right?  Am I trying to make Slide do something it's not designed 
for?  Is there a better way to map a hierarchy of rights like this?

K.C.


---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org