You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-dev@jakarta.apache.org by bu...@apache.org on 2003/05/09 07:09:24 UTC
DO NOT REPLY [Bug 19791] New: -
AccessDeniedException is thrown in structure.create()
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19791>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19791
AccessDeniedException is thrown in structure.create()
Summary: AccessDeniedException is thrown in structure.create()
Product: Slide
Version: 1.0.16 Stable
Platform: Other
OS/Version: Other
Status: NEW
Severity: Normal
Priority: Other
Component: Core
AssignedTo: slide-dev@jakarta.apache.org
ReportedBy: willievu@yahoo.com
Here is the scenario:
/ [/users/root-/actions-inheritable]
/files/john/resources [/users/john-/actions-inheritable]
/files/john/resources/folder1
Notice that john has all permissions under /files/john/resources.
Now, if I use structure helper to create /files/john/resources/folder1 using
john, we get AccessDeniedException!!!
Access denied on / by user /users/john for action /actions/read
org.apache.slide.security.AccessDeniedException: Access denied on / by user
/users/john for action /actions/read
at org.apache.slide.security.SecurityImpl.checkCredentials(SecurityImpl.java:389)
at org.apache.slide.structure.StructureImpl.create(StructureImpl.java:326)
A workaround is to grant john /actions/read along /, /files/john. However, it
is very inconvenient as users in our system come and go. Adding these extra
permissions are undesirable.
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-dev-help@jakarta.apache.org
Re: DO NOT REPLY [Bug 19791] New: - AccessDeniedException is thrown in structure.create()
Posted by Andreas Probst <an...@gmx.net>.
Hi Willievu,
I'm afraid, this isn't a bug but a feature. SecurityImpl is
developed that way. To read a child node, the user needs read
permissions on all parents and the child. However, to write, a
user needs read/write on the child node but only read
permissions on the parent.
This is a user's point of view. I'm not a Slide developer.
Andreas
On 9 May 2003 at 5:09, bugzilla@apache.org wrote:
> ReportedBy: willievu@yahoo.com
>
>
> Here is the scenario:
>
> / [/users/root-/actions-inheritable]
> /files/john/resources [/users/john-/actions-inheritable]
> /files/john/resources/folder1
>
> Notice that john has all permissions under /files/john/resources.
>
> Now, if I use structure helper to create /files/john/resources/folder1 using
> john, we get AccessDeniedException!!!
>
> Access denied on / by user /users/john for action /actions/read
> org.apache.slide.security.AccessDeniedException: Access denied on / by user
> /users/john for action /actions/read
> at org.apache.slide.security.SecurityImpl.checkCredentials(SecurityImpl.java:389)
> at org.apache.slide.structure.StructureImpl.create(StructureImpl.java:326)
>
>
> A workaround is to grant john /actions/read along /, /files/john. However, it
> is very inconvenient as users in our system come and go. Adding these extra
> permissions are undesirable.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: slide-dev-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org
Re: DO NOT REPLY [Bug 19791] New: - AccessDeniedException is thrown in structure.create()
Posted by Andreas Probst <an...@gmx.net>.
Hi Willievu,
I'm afraid, this isn't a bug but a feature. SecurityImpl is
developed that way. To read a child node, the user needs read
permissions on all parents and the child. However, to write, a
user needs read/write on the child node but only read
permissions on the parent.
This is a user's point of view. I'm not a Slide developer.
Andreas
On 9 May 2003 at 5:09, bugzilla@apache.org wrote:
> ReportedBy: willievu@yahoo.com
>
>
> Here is the scenario:
>
> / [/users/root-/actions-inheritable]
> /files/john/resources [/users/john-/actions-inheritable]
> /files/john/resources/folder1
>
> Notice that john has all permissions under /files/john/resources.
>
> Now, if I use structure helper to create /files/john/resources/folder1 using
> john, we get AccessDeniedException!!!
>
> Access denied on / by user /users/john for action /actions/read
> org.apache.slide.security.AccessDeniedException: Access denied on / by user
> /users/john for action /actions/read
> at org.apache.slide.security.SecurityImpl.checkCredentials(SecurityImpl.java:389)
> at org.apache.slide.structure.StructureImpl.create(StructureImpl.java:326)
>
>
> A workaround is to grant john /actions/read along /, /files/john. However, it
> is very inconvenient as users in our system come and go. Adding these extra
> permissions are undesirable.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: slide-dev-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-dev-help@jakarta.apache.org