Hi !
I have a question about permission in slide,
here is my use case:
I have two users, example: /users/test and /users/test1
one directory file, example: /files/filedirectory.
in /files/filedirectory I created two directories:
/files/fileDirectory/test for /users/test and
/files/fileDirectory/test1 for /users/test1
the permissions are
/actions/read (not inheritable) for /users/test and /users/test1 in
/files/fileDirectory
/actions (inheritable) for /users/test in /files/fileDirectory/test
/actions (inheritable) for /users/test1 in /files/fileDirectory/test1
My question is, why /users/test1 can perform /actions in
/files/fileDirectory/test ?
as I see in SecurityImpl.java:
granted = (!permission.isNegative())
&& (subjectUri.toString()
.startsWith(permission.getSubjectUri()))
&& (actionUri.toString()
.startsWith(permission.getActionUri()));
denied = (permission.isNegative())
&& (subjectUri.toString()
.startsWith(permission.getSubjectUri()))
&& (actionUri.toString()
.startsWith(permission.getActionUri()));
subjectUri is /users/test1
permission.getSubjectUri() is /users/test. Because it used startsWith,
/users/test1 can access /actions from /users/test.
Why it used startsWith?
thanks.
piter
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
