You are viewing a plain text version of this content. The canonical link for it is here.

Posted to slide-dev@jakarta.apache.org by bu...@apache.org on 2003/05/09 07:09:24 UTC

DO NOT REPLY [Bug 19791] New: - AccessDeniedException is thrown in structure.create()

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19791>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19791

AccessDeniedException is thrown in structure.create()

           Summary: AccessDeniedException is thrown in structure.create()
           Product: Slide
           Version: 1.0.16 Stable
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Core
        AssignedTo: slide-dev@jakarta.apache.org
        ReportedBy: willievu@yahoo.com


Here is the scenario:

/                                [/users/root-/actions-inheritable]
/files/john/resources            [/users/john-/actions-inheritable]
/files/john/resources/folder1

Notice that john has all permissions under /files/john/resources.

Now, if I use structure helper to create /files/john/resources/folder1 using
john, we get AccessDeniedException!!!

Access denied on / by user /users/john for action /actions/read
org.apache.slide.security.AccessDeniedException: Access denied on / by user
/users/john for action /actions/read
  at org.apache.slide.security.SecurityImpl.checkCredentials(SecurityImpl.java:389)
  at org.apache.slide.structure.StructureImpl.create(StructureImpl.java:326)


A workaround is to grant john /actions/read along /, /files/john.  However, it
is very inconvenient as users in our system come and go.  Adding these extra
permissions are undesirable.

---------------------------------------------------------------------
To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-dev-help@jakarta.apache.org

Re: DO NOT REPLY [Bug 19791] New: - AccessDeniedException is thrown in structure.create()

Posted by Andreas Probst <an...@gmx.net>.

Hi Willievu,

I'm afraid, this isn't a bug but a feature. SecurityImpl is 
developed that way. To read a child node, the user needs read 
permissions on all parents and the child. However, to write, a 
user needs read/write on the child node but only read 
permissions on the parent.

This is a user's point of view. I'm not a Slide developer.

Andreas


On 9 May 2003 at 5:09, bugzilla@apache.org wrote:

>         ReportedBy: willievu@yahoo.com
> 
> 
> Here is the scenario:
> 
> /                                [/users/root-/actions-inheritable]
> /files/john/resources            [/users/john-/actions-inheritable]
> /files/john/resources/folder1
> 
> Notice that john has all permissions under /files/john/resources.
> 
> Now, if I use structure helper to create /files/john/resources/folder1 using
> john, we get AccessDeniedException!!!
> 
> Access denied on / by user /users/john for action /actions/read
> org.apache.slide.security.AccessDeniedException: Access denied on / by user
> /users/john for action /actions/read
>   at org.apache.slide.security.SecurityImpl.checkCredentials(SecurityImpl.java:389)
>   at org.apache.slide.structure.StructureImpl.create(StructureImpl.java:326)
> 
> 
> A workaround is to grant john /actions/read along /, /files/john.  However, it
> is very inconvenient as users in our system come and go.  Adding these extra
> permissions are undesirable.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: slide-dev-help@jakarta.apache.org
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org

Re: DO NOT REPLY [Bug 19791] New: - AccessDeniedException is thrown in structure.create()

Posted by Andreas Probst <an...@gmx.net>.

Hi Willievu,

I'm afraid, this isn't a bug but a feature. SecurityImpl is 
developed that way. To read a child node, the user needs read 
permissions on all parents and the child. However, to write, a 
user needs read/write on the child node but only read 
permissions on the parent.

This is a user's point of view. I'm not a Slide developer.

Andreas


On 9 May 2003 at 5:09, bugzilla@apache.org wrote:

>         ReportedBy: willievu@yahoo.com
> 
> 
> Here is the scenario:
> 
> /                                [/users/root-/actions-inheritable]
> /files/john/resources            [/users/john-/actions-inheritable]
> /files/john/resources/folder1
> 
> Notice that john has all permissions under /files/john/resources.
> 
> Now, if I use structure helper to create /files/john/resources/folder1 using
> john, we get AccessDeniedException!!!
> 
> Access denied on / by user /users/john for action /actions/read
> org.apache.slide.security.AccessDeniedException: Access denied on / by user
> /users/john for action /actions/read
>   at org.apache.slide.security.SecurityImpl.checkCredentials(SecurityImpl.java:389)
>   at org.apache.slide.structure.StructureImpl.create(StructureImpl.java:326)
> 
> 
> A workaround is to grant john /actions/read along /, /files/john.  However, it
> is very inconvenient as users in our system come and go.  Adding these extra
> permissions are undesirable.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: slide-dev-help@jakarta.apache.org
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-dev-help@jakarta.apache.org