To add a bit of context of why I want to understand the permissions. I am
making a small app which has a node for courses which should allow everyone
in author group to create courses. But, of course, I don't want different
authors to mess around with each other's courses.
For this, I could have courses from a particular author under their own
area (say, .../author1/courses). But, for quick listing of courses I want
to have at least a reference to actual course node in a common area (say,
.../courses).
So, let's say author a1 created course c1 and author a2 created course c2,
then I'd have a structure that looks something like:
<some root>
--a1
--courses (read to a1 write to all)
--c1
--a2
--courses (read to a1 write to all)
--c2
--courses (add/removeChildNodes to author group)
--ref-c1 [link=/a1/courses/c1] (removeNode to a1)
--ref-c2 [link=/a2/courses/c2] (removeNode to a2)
Now, since I need to have ref-c1 have an extra layer of ACL (removeNode to
a1), I plan to create ref-c1 in some special scratchpad area, give the
required ACL to ref-c1 and then move it under /a1/courses.
But, to do that I need to have read permission given to author group to all
elements in path / to .../courses.
Alongwith that, I need to give nodeTypeManagement to authors on
.../courses/* (since ref-c1 still doesn't exist under .../courses). But,
with /* even a2 would get nodeTypeManagement on c1 which I don't want to
do. This is what I really don't want to do and haven't been able to work
out how to handle it.
Also, I might be thinking about it in a completely incorrect way. Please
correct me, if that's so.
Thanks,
Vikas
