incubator-graffito-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christophe Lombart <christophe.lomb...@gmail.com>
Subject Re: User interaction in Graffito
Date Fri, 26 Aug 2005 14:37:24 GMT
Martin, 

3 comments : 
1. The Graffito Lock Service is not yet implemented.
2. Permission management  is based on JASS. Permissions depend on a
Principal, an URI pattern and a permission type (view, edit, ...) .
3. The Subject info is coming from the portal request.
CmsRequestContextManager.getCurrentCmsRequestContext().

You can define the following security rules in the Graffito db (table
SECURITY_PERMISSION) :

See the OJB implementation to get more info how the engine checks the
permissions (org.apache.portals.graffito.store.impl.ojb.GraffitoOJBStore.java)

Here is some permission examples :
1. 'Admin group' '/graffito/-' 'all' : The admin group has all
permissions on path /graffito and it children (content & subfolders).
2. 'User john' '/graffito/afolder/adocument' "view" The user john can
only view the document
'/graffito/afolder/adocument
3. 'Guest group', '/graffito/public/*' "view" The group guest can view
all documents in the /graffito/public folder (but not in the
subfolders).

we have only a limited number of permissions ( view, edit, lock,
unlock, delete, insert, update). I would like to refactor the
permissions management to have the flexiblity to add new ones. All
ideas are welcome.

Christophe



2005/8/26, Martin Koci <martin.koci@aura.cz>:
> How to identify user which performs a action, for example imports a new
> document?
> 
> For example: JCR defines interface javax.jcr.Session; usual way
> elsewhere is User object passed as method parameter or simple String
> userId as parameter; HttpSession is used in Servlet enviroment.
> 
> Such identification must exists for locking service - My idea is to
> obtain a exception "URI (node) locked by user Martin" or something like
> that.
> 
> Thanks,
> 
> Martin
> 
> --
> Mgr. Martin Kočí
> ---------------------------------
> AURA, s.r.o.
> Úvoz 499/56; 602 00 Brno
> ISO 9001 certifikovaná společnost
> tel./fax: +420 5 43 24 51 11
> e-mail:  martin.koci@aura.cz
> internet: http://www.aura.cz
>          http://www.j2ee.cz
> ---------------------------------
> 
>
Mime
View raw message