Hi Rainer, I would say this is expected behavior. If you want this to work even for the first time, your test-user has to have read right to all the nodes in the hierarchy up to the root. What happens during activation is that first existence of the node itself is checked, if it exists and activating user has rights to write to that location, node is activated. On the other hand if the node itself doesn't exist (first time activation), the existence of the parent node need to be checked (since you can't activate unless parent exists), but if activating user has no right to read the parent node of the activated node, then the existence of such parent can't be checked, hence the whole activation fails. Even if your test-user had a read right to the /foo the activation will most likely not succeed, since to create child of /foo you need to have write access to its subnodes.
HTH, Jan On Tue, 2009-02-03 at 02:39 -0800, rainer wrote: > > Hi list, > > i just got a very strange problem. I need a user that should be able to > only-read "/foo" and activate "/bar" - so: > > I create a role with the following website rights: > > READ ONLY: "/" > READ / WRITE : "/foo/bar" > > > Then i log in as the test-user with the just described role and try to > activate the page "/foo/bar". It doesnt work. If i activate the "/foo/bar" > page beforehead as superuser - i can reactivate the page whenever i want to > - using my test-user. But if the page is not already activated, the publish > instance throws the error: > > "Can't activate: : Message received from subscriber: Activation failed. User > not allowed to Add, Set, Read path /foo" > > On author-instance i have the opportunity to "activate" "/foo/bar" - a right > click shows me the option to activate it. > > SUMMARY: If "/foo/bar" is not already present on publish - i cant activate > it. If it s present everything is fine. > > Please let me know, how to get this done. Is this a bug or default Magnolia > behaviour? > > > regards > rainer > > > PS. It is 3.5.4. -- Best regards, Jan Haderka Magnolia International Ltd. ---------------------------------------------------------------------- [email protected] http://www.magnolia-cms.com Magnolia® - Simple Open Source Content Management ---------------------------------------------------------------------- ---------------------------------------------------------------- For list details see http://www.magnolia-cms.com/home/community/mailing-lists.html To unsubscribe, E-mail to: <[email protected]> ----------------------------------------------------------------
