chemistry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Florian Müller <>
Subject Re: Allowable actions and ACLs
Date Thu, 18 Dec 2014 14:57:03 GMT
Hi Jochen,

OpenCMIS does not calculate the Allowable Actions for you. The server 
implementation has to do that.
Depending on the repository, the Allowable Actions can include something 
that is not expressible with ACLs. For example, even if a user can see a 
folder, that doesn't mean that the user is allowed to call 
getChildren(). That can vary from folder to folder in a repository 
because of another rule, a police, or configuration.
There are also some edge cases. The root folder, for example, cannot be 
moved or deleted even if the user has the cmis:all permission.

- Florian

> Hi there,
> we enhanced the OpenCMIS JCR bridge by adding support for ACLs. We
> implemented the getAcl and applyAcl methods and set ACL capabilities
> in the repository info.
> How do ACLs influence the allowable actions of an object? Do I have to
> calculate the allowable actions on my own or does OpenCMIS combine the
> "base" allowable actions of an object with the permission mapping
> specified in the repository info?
> Regards
> Jochen

View raw message