From: SourceForge.net <no...@so...> - 2010-03-17 04:49:23
|
Bugs item #2971761, was opened at 2010-03-16 21:49 Message generated for change (Tracker Item Submitted) made by mooreamm2 You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=117691&aid=2971761&group_id=17691 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Michael Moore (mooreamm2) Assigned to: Nobody/Anonymous (nobody) Summary: Inaccurate Note in Security documentation Initial Comment: In the security documentation at security.xml, a Note indicates "Please be aware that permissions for collections are NOT inherited by their sub-collections, i.e. write permissions can be set for some sub-collections, but you must also have write permissions for the parent collection for these to be effective." While it seems correct that permissions for collections are not inherited, the example given seems to be false for write and update permissions, and true only for read permissions. Tested by creating a collection with only read permissions for a user, then a sub-collection with read, write and update permissions for the user. Connecting as the given user, Exist allows a resource to be created and deleted (for example, using the GUI client to issue "Create blank document" or "Remove" commands) within the sub-collection. The absence of write or update permissions in the parent collection do not make those permissions ineffective for the sub-collection as indicated in the Note. The entire note may be more clear to address only the read permission as in "read permissions must be indicated for all parent collections for read permissions on sub-collections or resources to be effective, whereas write and update permissions are not required in parent collections for the permission to be effective for a sub-collection or resource". ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=117691&aid=2971761&group_id=17691 |