Hello Frank, I've just confirmed your test scenario. I also believe this is a bug :|
Best Regards, Miguel Figueiredo -----Original Message----- From: Punzo, Frank J (HTSC, IT) [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 12 de Janeiro de 2007 20:13 To: Slide Users Mailing List Subject: RE: CreateCollection I have tried this with no success. I'm wondering if there's a bug. I'm logging into my system as slide/users/manager1. I'm trying to write to folder /slide/files/folder1. The only way I can allow manager1 to write files (using DavExplorer->Write File) is to Grant the "write" permission. If I try to Grant anything but "write" it says unauthorized. I've even tried adding every other permission nested underneath the "write" permission. Below are the acls for folder1 the first set of acls does not work for manager1. The second set of acls does work for manager1. These permissions DO NOT allow WebDavExplorer File-Write File command inside of /slide/files/folder1 when logged in as /slide/users/manager1 ... /slide/users/manager1 write-content Grant /slide/users/manager1 unbind Grant /slide/users/manager1 bind Grant /slide/users/manager1 write-properties Grant /slide/users/manager1 unlock Grant /slide/users/manager1 write-acl Grant unauthenticated all Grant /slide/files property read-acl Grant /slide/files /slide/roles/root all Grant /slide/ all read-acl, write-acl, unlock Deny /slide/ all read Grant /slide/ These permissions DO allow WebDavExplorer File-Write File command inside of /slide/files/folder1 when logged in as /slide/users/manager1 ... /slide/users/manager1 write Grant unauthenticated all Grant /slide/files property read-acl Grant /slide/files /slide/roles/root all Grant /slide/ all read-acl, write-acl, unlock Deny /slide/ all read Grant /slide/ Why would granting "write" work and granting every other permission that sums to "write" not work? Has anyone seen this before? Can anyone suggest a work around? What I want to do is Grant the ability to write files inside of a folder but deny the ability to create more folders (collections) underneath. Thanks, Frank -----Original Message----- From: Miguel Figueiredo [mailto:[EMAIL PROTECTED] Sent: Friday, January 12, 2007 5:10 AM To: 'Slide Users Mailing List' Subject: RE: CreateCollection Hello Frank, According to ACL webdav spec, it is possible. Checkout this link, in the section <3.4. DAV:write-content Privilege> versus <3.9. DAV:bind Privilege>: http://www.ietf.org/rfc/rfc3744.txt Hope this helps, Miguel Figueiredo -----Original Message----- From: Punzo, Frank J (HTSC, IT) [mailto:[EMAIL PROTECTED] Sent: quinta-feira, 11 de Janeiro de 2007 18:17 To: slide-user@jakarta.apache.org Subject: CreateCollection I have Slide working on our Weblogic 8.1 environment. I have figured out how to add users/roles and to grant access to resources. One question... can someone recommend the best way to grant a role the ability to write files in a directory... but deny the ability to create sub-directories underneath it. I want to set up a structure for people (a taxonomy) and allow them the ability to write files into it but don't want people adding more directories. Is this possible? --Frank ************************************************************************ * This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. ************************************************************************ * --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ************************************************************************* This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. ************************************************************************* --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
