2011/11/13 Justin Edelson <[email protected]>: >> >> Now, however there is a problem with the whole apprach - if a provider >> is an ACLAwareResourceProvider we need to know internally if the >> resource exists but the user is not allowed to access it, or if the >> resource does not exist. Otherwise we potentially end up with a >> resource at /somepath provided by provider A for user U1, and provided >> by provider B for user U2 as user U2 is not allowed to access this >> resource in provider A. > > Playing devil's advocate here... why is this a problem? This seems > like it might be a good thing in some cases. > Yes I thought about that as well and honestly, I'm not sure if it really poses a problem in reality though it doesn't look like a good feature. It basically would mean that different users requesting the same resource might end up with a different resource being served. That seems wrong to me - i see potential use case where you might want to serve kind of a placeholder resource if the user is not allowed to access the original resource, but this can already be solved in other ways today.
Regards Carsten -- Carsten Ziegeler [email protected]
