Hi Oleg, On Wed, 9 Sep 2009 14:26:47 -0400, Oleg Barmin <[email protected]> wrote: > I have found the reason of such behavior. Lenya security policy is based on > the subtree-policy.acml files. Root policy file for the live area contains > only following: > > <world> > <role id="visit" method="grant"/> > </world> > > So only the "visit" role is granted even for the authorized users. But > usecase requires session role. > I have changed config file content: > > <world> > <role id="visit" method="grant"/> > </world> > > <group id="editor"> > <role id="session" method="grant" /> > </group> > <group id="reviewer"> > <role id="session" method="grant" /> > </group> > <group id="admin"> > <role id="session" method="grant" /> > </group> > <group id="sitemanager"> > <role id="session" method="grant" /> > </group> > > Now the session role is granted to the members of configured groups. But I > want to grant session role for all authorized users from any groups. How to > do it?
Maybe It's a big false idea, but with using the <world> tag like this : <world> <role id="session" method="grant"/> </world> ??? Apart from that, does your module offer the possibility to comment articles from the live area ? If it's that, I think It's a great thing for Lenya ! Do you think you will share this ? Have a good ]coding[ day > > ________________________________________ > From: Oleg Barmin > Sent: Saturday, September 05, 2009 6:17 AM > To: [email protected] > Subject: usecase and live view > > Hi, > > I've added a new usecase to store comments to publications. It works with > "authoring view" but when I try to use it in a "live view" I get "Access > Denied" page. > > Permissions for this use case are following > (\build\lenya\webapp\lenya\pubs\ksapoc\config\access-control\usecase-policies.xml): > > <ac:usecase id="mboard.addComment"> > <ac:role id="session" /> > </ac:usecase> > > Why I get "Access Denied" error for the authorized users? > > Best regards, > Oleg Barmin. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
