Hello Michael, The bug I was mentioning refers _also_ when an owner of a directory cannot create files inside it, and it was clearly granted write permissions to the owner of that directory.
This bug appears in other forms, for example: I forbid read privilege to directory a/, and grant read/write privileges on directory a/b/c. When I try to create a file inside /a/b/c it's forbidden. Only if I allow read privilege on directory a/ I can create a file inside. This bug is related with 'create' operations. 'update' operations work well, if I remember correctly. Best regards, Miguel Figueiredo -----Original Message----- From: Michael Oliver [mailto:[EMAIL PROTECTED] Sent: quinta-feira, 24 de Novembro de 2005 15:41 To: 'Slide Users Mailing List' Subject: RE: Any tips on what I am doing wrong? (ACL) You are saying the owner of a collection cannot create a collection under the collection where the 'all' was granted? Or another user cannot create a collection under the collection with the 'all' granted to the owner and read/write not iheritable granted to all other users? I believe you are mistaken about the use of 'owner' it is related to the resource involved. For example if /files/mystuff/ was owned by john2 with all permissions granted and inherited and read/write granted to the user 'john' and not inherited. Then the owner could create a new collection at /files/mystuff/new folder/ but john could not because his write permissions are not inherited to children of /files/mystuff/ but john could write to the live properties of /files/mystuff/ because he was granted write permission on that resource. Michael Oliver CTO Alarius Systems LLC 6800 E. Lake Mead Blvd, #1096 Las Vegas, NV 89156 Phone:(702)953-8949 Fax:(702)974-0341 *Note new email changed from [EMAIL PROTECTED] -----Original Message----- From: Crespillo, Matias [mailto:[EMAIL PROTECTED] Sent: Thursday, November 24, 2005 7:17 AM To: Slide Users Mailing List Subject: RE: Any tips on what I am doing wrong? (ACL) cool ty :) -----Mensaje original----- De: Michael Oliver [mailto:[EMAIL PROTECTED] Enviado el: Jueves, 24 de Noviembre de 2005 12:14 Para: 'Slide Users Mailing List' Asunto: RE: Any tips on what I am doing wrong? (ACL) Ok, thanks for the clarification. I will see what I can see but I am not a committer yet so I may not be able to fix in the release but may have a patch. Michael Oliver CTO Alarius Systems LLC 6800 E. Lake Mead Blvd, #1096 Las Vegas, NV 89156 Phone:(702)953-8949 Fax:(702)974-0341 *Note new email changed from [EMAIL PROTECTED] -----Original Message----- From: Crespillo, Matias [mailto:[EMAIL PROTECTED] Sent: Thursday, November 24, 2005 7:00 AM To: Slide Users Mailing List Subject: RE: Any tips on what I am doing wrong? (ACL) >but it may just be I don't >understand what you are doing specifically enough to say. It think it is the case here, the problem is as follow if a collection has write/read permissions for "all" NON inheritable AND owner permission "all" inheritable you should be able to create a collection wich should end up having owner permissions "all" but not read/write permissions for all. But since slide checks for permissions on the child folder before actually assigning an owner to that collection, it is as if no one had permissions to write that collection ergo. P.S. i think i owe you a couple periods and a comma or 2. What would be the point of granting write on a collection without inheritable being true? Creating a resource of either type in a collection is writing to that collection so you must have write permission to do that. Michael Oliver CTO Alarius Systems LLC 6800 E. Lake Mead Blvd, #1096 Las Vegas, NV 89156 Phone:(702)953-8949 Fax:(702)974-0341 *Note new email changed from [EMAIL PROTECTED] -----Original Message----- From: Crespillo, Matias [mailto:[EMAIL PROTECTED] Sent: Thursday, November 24, 2005 4:36 AM To: Slide Users Mailing List Subject: RE: Any tips on what I am doing wrong? (ACL) I know what you mean about time things. Thanks a bunch for the tip. You just saved me a whole day of researching slide core :) have a nice day. -----Mensaje original----- De: Miguel Figueiredo [mailto:[EMAIL PROTECTED] Enviado el: Jueves, 24 de Noviembre de 2005 09:38 Para: 'Slide Users Mailing List' Asunto: RE: Any tips on what I am doing wrong? (ACL) Hello Matias, No I didn't. I tried to correct the bug... but it's damn hard to figure what to do inside Slide's core. Our workaround was to create a super user that can do everything starting on /files namespace. That solved some problems but the bug persisted, and it's quite annoying sometimes. Since time is limited, I moved on to other tasks before even scratch at a possible resolution. Best regards, Miguel Figueiredo -----Original Message----- From: Crespillo, Matias [mailto:[EMAIL PROTECTED] Sent: quinta-feira, 24 de Novembro de 2005 12:01 To: Slide Users Mailing List Subject: RE: Any tips on what I am doing wrong? (ACL) Thanks Miguel, did you find a workaround or alternative for this? regards. -----Mensaje original----- De: Miguel Figueiredo [mailto:[EMAIL PROTECTED] Enviado el: Jueves, 24 de Noviembre de 2005 06:33 Para: 'Slide Users Mailing List' Asunto: RE: Any tips on what I am doing wrong? (ACL) Hello Matias, That is a known bug in Slide, check this out: http://issues.apache.org/bugzilla/show_bug.cgi?id=32352 Best Regards, Miguel Figueiredo -----Original Message----- From: Crespillo, Matias [mailto:[EMAIL PROTECTED] Sent: quarta-feira, 23 de Novembro de 2005 19:22 To: Slide Users Mailing List Subject: RE: Any tips on what I am doing wrong? (ACL) more input I actually have to give the parent folder the permissions read/write inheritable for my user to be able to create a new collection. I have been struglin all day with this and I am at this point in a where to go situation -----Mensaje original----- De: Crespillo, Matias Enviado el: Miércoles, 23 de Noviembre de 2005 15:05 Para: Slide Users Mailing List Asunto: Any tips on what I am doing wrong? (ACL) Ok a have a folder browser with permissions: <permission subjectUri="all" actionUri="/actions/read" inheritable="false" negative="false" /> <permission subjectUri="all" actionUri="/actions/write" inheritable="false" negative="false" /> <permission subjectUri="owner" actionUri="all" inheritable="true" negative="false" /> the problem is that when i login and try to create a collection it will return 403 forbidden, shouldn't it allow me to create a folder since i am granting all permissions to the owner wich is the file creator? regards. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
