As far as I know the "ordered ACL feature" is part of the ACL protocol. So Slide users should be able to rely on this feature.
Regards, Daniel > -----Ursprüngliche Nachricht----- > Von: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > Im Auftrag von Alan Wood > Gesendet: Mittwoch, 15. Dezember 2004 12:03 > An: Slide Users Mailing List > Betreff: Re: AW: ACL questions > > This ambiguity has caught me out before, spent days chasing ACL problems > only to find the 'order' of the entries makes a difference. > > If one is to use this 'hack' one might find oneself in trouble later > down the line, with one's users not having access to their files because > you have updated to some fture version of slide that works differently. > Also is this the same for different backend stores, can differences > occur if store backend are changed. > > What is the official position on this for slide, or rather what the > webdav official position on the way such ACL's are inplemented ? > > It would be nice to have a definative (unified) interpretation on the > slide list > > Daniel Florey wrote: > > >As far as I can remember the ordering of the ACL is very important for > the > >resulting permissions. The first entry that matches the user/required > >permission will indicate if the user if allowed to perform the required > >action. > >If this is true it would be possible to achieve what you had in mind by > >simply ordering the acls in the right way. > >Cheers, > >Daniel > > > > > > > >>-----Ursprüngliche Nachricht----- > >>Von: [EMAIL PROTECTED] > >>[mailto:[EMAIL PROTECTED] > >>Im Auftrag von Pontus Strand > >>Gesendet: Mittwoch, 15. Dezember 2004 10:28 > >>An: Slide Users Mailing List (E-mail) > >>Betreff: ACL questions > >> > >>Hello, > >> > >>I have spent a couple of days working with user access rights in the > >>application we are building. And I think I understand how things work by > >>now, almost ... :-) A couple of questions remain, however... > >> > >>The customer we work for wants the initial creator of a document to be > the > >>only one who has the right to assign access rights to that document. And > >>that is impossible, it seems, given the way ACL work in Slide. The way I > >>want this to work is to first grant "read" and "write" to our user > groups > >>(roles) on the collection where the file is stored. Second, I grant > >>"read-acl" and "write-acl2 to the user that created the document. > Finally, > >>I > >>deny "read-acl" and "write-acl" to our user groups. However, since the > >>user > >>is part of one of the user groups, the user is also denied "read-acl" > and > >>"write-acl". Now to my question, is there any way around this? I.e. can > I > >>grant a user belonging to a group higher access rights than that group? > >> > >>Another question in this area: Assume that we have a user A that is a > >>member > >>of groups B and C. Group B has "read" and "write" rights on a file and > >>group > >>C only has "read" rights. Will user A be able to write to that file? > This > >>is > >>not really part of the problem I need to solve, it just curiosity :-) > >> > >>Best regards, > >>Pontus Strand > >> > >>--------------------------------------------------------------------- > >>To unsubscribe, e-mail: [EMAIL PROTECTED] > >>For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
